Sh3lldor / PVT
PCAP visualization tool
☆103Updated last year
Alternatives and similar repositories for PVT:
Users that are interested in PVT are comparing it to the libraries listed below
- A collection of tools to interact with Microsoft Security Response Center API☆95Updated last year
- A golang CLI tool to download malware from a variety of sources.☆141Updated 11 months ago
- A ProcessMonitor visualization application written in rust.☆176Updated last year
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆242Updated 2 years ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆138Updated last year
- BSidesRoc 2022 Linux Malware/Forensics Course☆74Updated 2 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆94Updated last year
- A guide on how to write fast and memory friendly YARA rules☆127Updated last year
- A tool to find folders excluded from AV real-time scanning using a time oracle☆231Updated 11 months ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆222Updated 10 months ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆172Updated last month
- The Windows Malware Analysis Reversing Core Tools☆90Updated 4 years ago
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆155Updated this week
- The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access…☆50Updated this week
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆318Updated last year
- ☆227Updated 8 months ago
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.☆110Updated last month
- Emulate and Dissect MSF and *other* attacks☆139Updated 10 months ago
- A python script developed to process Windows memory images based on triage type.☆261Updated last year
- JPCERT/CC public YARA rules repository☆106Updated last month
- Rules Shared by the Community from 100 Days of YARA 2023☆77Updated last year
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆164Updated 2 years ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…☆350Updated 2 months ago
- A repo to support the book☆105Updated 3 years ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆179Updated last week
- Malduck is your ducky companion in malware analysis journeys☆323Updated 7 months ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆115Updated last month
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆165Updated 8 months ago
- ☆55Updated 3 months ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆156Updated 3 months ago