R3MRUM / PSDecode

Related projects ⓘ

Alternatives and complementary repositories for PSDecode

• danielbohannon / Revoke-Obfuscation
  PowerShell Obfuscation Detection Framework
  ☆725Updated 11 months ago
• JPCERTCC / ToolAnalysisResultSheet
  Tool Analysis Result Sheet
  ☆345Updated 6 years ago
• davidpany / WMI_Forensics
  ☆294Updated 4 years ago
• mandiant / ShimCacheParser
  ☆273Updated last year
• mandiant / flare-wmi
  ☆417Updated last year
• danielbohannon / Invoke-CradleCrafter
  PowerShell Remote Download Cradle Generator & Obfuscator
  ☆822Updated 6 years ago
• DissectMalware / XLMMacroDeobfuscator
  Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
  ☆572Updated 6 months ago
• mandiant / SilkETW
  ☆732Updated last year
• travisfoley / dfirtriage
  Digital forensic acquisition tool for Windows based incident response.
  ☆334Updated 6 months ago
• beahunt3r / Windows-Hunting
  ☆347Updated 3 years ago
• felixweyne / imaginaryC2
  Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …
  ☆443Updated 2 years ago
• nbeede / BoomBox
  Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
  ☆234Updated last year
• chenerlich / FCL
  FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
  ☆462Updated 3 years ago
• JPCERTCC / SysmonSearch
  Investigate suspicious activity by visualizing Sysmon's event log
  ☆417Updated 10 months ago
• leechristensen / UnmanagedPowerShell
  Executes PowerShell from an unmanaged process
  ☆476Updated 8 years ago
• 0x0be / PEpper
  An open source script to perform malware static analysis on Portable Executable
  ☆309Updated last year
• ubeeri / Invoke-UserSimulator
  Simulates common user behaviour on local and remote Windows hosts.
  ☆283Updated 6 years ago
• Infocyte / PSHunt
  Powershell Threat Hunting Module
  ☆279Updated 8 years ago
• JPCERTCC / MalConfScan
  Volatility plugin for extracts configuration data of known malware
  ☆485Updated 10 months ago
• sbousseaden / Slides
  Misc Threat Hunting Resources
  ☆372Updated last year
• Cyb3rWard0g / Invoke-ATTACKAPI
  A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
  ☆367Updated 5 years ago
• ANSSI-FR / bmc-tools
  RDP Bitmap Cache parser
  ☆479Updated 11 months ago
• n0dec / MalwLess
  Test Blue Team detections without running any attack.
  ☆271Updated 6 months ago
• nccgroup / Cyber-Defence
  Information released publicly by NCC Group's Cyber Incident Response Team
  ☆474Updated 2 years ago
• samratashok / Deploy-Deception
  A PowerShell module to deploy active directory decoy objects.
  ☆223Updated 5 years ago
• mkorman90 / regipy
  Regipy is an os independent python library for parsing offline registry hives
  ☆244Updated 2 months ago
• MalwareArchaeology / ATTACK
  MITRE ATT&CK Windows Logging Cheat Sheets
  ☆332Updated 6 years ago
• JavelinNetworks / HoneypotBuster
  ☆279Updated 6 years ago
• MarkBaggett / srum-dump
  A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.
  ☆596Updated last week
• joesecurity / pafishmacro
  Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …
  ☆278Updated 7 years ago