Sh3lldor / PVT
PCAP visualization tool
☆103Updated last year
Alternatives and similar repositories for PVT:
Users that are interested in PVT are comparing it to the libraries listed below
- A tool to find folders excluded from AV real-time scanning using a time oracle☆233Updated last year
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆247Updated 2 years ago
- A collection of tools to interact with Microsoft Security Response Center API☆97Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆123Updated 3 months ago
- A golang CLI tool to download malware from a variety of sources.☆143Updated last year
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆323Updated last year
- All kinds of tiny shells☆58Updated 2 years ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- A ProcessMonitor visualization application written in rust.☆178Updated last year
- Rules Shared by the Community from 100 Days of YARA 2023☆76Updated 2 years ago
- ☆245Updated 11 months ago
- Rules shared by the community from 100 Days of YARA 2024☆85Updated 3 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated last year
- Active C&C Detector☆153Updated last year
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆128Updated last year
- A repo to support the book☆107Updated 3 years ago
- A prototype malware C2 channel using x509 certificates over mTLS☆153Updated last year
- A guide on how to write fast and memory friendly YARA rules☆142Updated 2 months ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆139Updated last year
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆138Updated 9 months ago
- ☆55Updated 6 months ago
- The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access…☆57Updated this week
- ☆61Updated 9 months ago
- ☆218Updated 2 months ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆208Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆175Updated this week
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- Fraktal's Ransomware Emulator☆102Updated last year
- How to setup a honeypot with an IDS, ELK and TLS traffic inspection☆158Updated 2 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆165Updated 2 years ago