Alternatives and similar repositories for PSDecode

Users that are interested in PSDecode are comparing it to the libraries listed below

• danielbohannon / Revoke-Obfuscation
  PowerShell Obfuscation Detection Framework
  ☆735Updated last year
• JPCERTCC / ToolAnalysisResultSheet
  Tool Analysis Result Sheet
  ☆348Updated 7 years ago
• davidpany / WMI_Forensics
  ☆302Updated 4 years ago
• mandiant / ShimCacheParser
  ☆276Updated 2 years ago
• DissectMalware / XLMMacroDeobfuscator
  Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
  ☆578Updated last year
• travisfoley / dfirtriage
  Digital forensic acquisition tool for Windows based incident response.
  ☆340Updated last year
• mandiant / flare-wmi
  ☆428Updated 2 years ago
• mkorman90 / regipy
  Regipy is an os independent python library for parsing offline registry hives
  ☆255Updated last week
• beahunt3r / Windows-Hunting
  ☆350Updated 4 years ago
• danielbohannon / Invoke-CradleCrafter
  PowerShell Remote Download Cradle Generator & Obfuscator
  ☆837Updated 7 years ago
• mandiant / SilkETW
  ☆765Updated last year
• decalage2 / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆1,091Updated 10 months ago
• ANSSI-FR / bmc-tools
  RDP Bitmap Cache parser
  ☆531Updated 3 months ago
• felixweyne / imaginaryC2
  Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …
  ☆447Updated 2 years ago
• JPCERTCC / SysmonSearch
  Investigate suspicious activity by visualizing Sysmon's event log
  ☆421Updated last year
• EricZimmerman / evtx
  C# based evtx parser with lots of extras
  ☆303Updated 3 weeks ago
• leechristensen / UnmanagedPowerShell
  Executes PowerShell from an unmanaged process
  ☆486Updated 9 years ago
• Infocyte / PSHunt
  Powershell Threat Hunting Module
  ☆283Updated 8 years ago
• n0dec / MalwLess
  Test Blue Team detections without running any attack.
  ☆272Updated last year
• airbus-cert / regrippy
  A modern Python-3-based alternative to RegRipper
  ☆194Updated last month
• chenerlich / FCL
  FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
  ☆467Updated 4 years ago
• danielbohannon / Invoke-DOSfuscation
  Cmd.exe Command Obfuscation Generator & Detection Test Harness
  ☆882Updated 7 years ago
• nbeede / BoomBox
  Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
  ☆236Updated 2 years ago
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆221Updated 4 years ago
• mbevilacqua / appcompatprocessor
  "Evolving AppCompat/AmCache data analysis beyond grep"
  ☆203Updated 3 years ago
• Cyb3rWard0g / Invoke-ATTACKAPI
  A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
  ☆368Updated 6 years ago
• WithSecureLabs / snake
  snake - a malware storage zoo
  ☆216Updated last year
• csababarta / ntdsxtract
  Active Directory forensic framework
  ☆324Updated 3 years ago
• mitre-attack / attack-arsenal
  A collection of red team and adversary emulation resources developed and released by MITRE.
  ☆506Updated 4 years ago
• JPCERTCC / MalConfScan
  Volatility plugin for extracts configuration data of known malware
  ☆489Updated last year