Sh3lldor / PVTLinks
PCAP visualization tool
☆103Updated last year
Alternatives and similar repositories for PVT
Users that are interested in PVT are comparing it to the libraries listed below
Sorting:
- A golang CLI tool to download malware from a variety of sources.☆146Updated last year
- A prototype malware C2 channel using x509 certificates over mTLS☆153Updated last year
- The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access…☆62Updated this week
- A collection of tools to interact with Microsoft Security Response Center API☆96Updated last year
- All kinds of tiny shells☆58Updated 2 years ago
- A ProcessMonitor visualization application written in rust.☆180Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆123Updated 4 months ago
- ☆55Updated 7 months ago
- A tool to find folders excluded from AV real-time scanning using a time oracle☆233Updated last year
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆212Updated 2 years ago
- A guide on how to write fast and memory friendly YARA rules☆144Updated 3 months ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆248Updated 2 years ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆138Updated 10 months ago
- Rules Shared by the Community from 100 Days of YARA 2023☆76Updated 2 years ago
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆128Updated last year
- This repository contains procedures found in the Feb 2022 conti leaks. They were taken from the "manual_teams_c" rocketchat channel in th…☆87Updated 3 years ago
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆180Updated last week
- ☆223Updated 4 months ago
- The Windows Malware Analysis Reversing Core Tools☆95Updated 4 years ago
- ☆201Updated 7 months ago
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆331Updated 2 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated 2 years ago
- ☆247Updated last year
- Use YARA rules on Time Travel Debugging traces☆90Updated last year
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆139Updated last year
- ☆189Updated 2 years ago
- Reads and prints information from the website MalAPI.io☆38Updated 3 years ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆240Updated 2 months ago