Sh3lldor / PVT
PCAP visualization tool
☆103 · Updated last year
Alternatives and similar repositories for PVT:
Users that are interested in PVT are comparing it to the libraries listed below
- A collection of tools to interact with Microsoft Security Response Center API ☆97 · Updated last year
- ☆200 · Updated 5 months ago
- A prototype malware C2 channel using x509 certificates over mTLS ☆153 · Updated last year
- A tool to find folders excluded from AV real-time scanning using a time oracle ☆233 · Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that were used by adversaries in their intrusions. T… ☆121 · Updated 2 months ago
- ☆297 · Updated 5 months ago
- A ProcessMonitor visualization application written in Rust. ☆177 · Updated last year
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK ☆322 · Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR ☆236 · Updated this week
- Yara Rules for Modern Malware ☆75 · Updated last year
- A golang CLI tool to download malware from a variety of sources. ☆142 · Updated last year
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck ☆127 · Updated last year
- ☆236 · Updated 10 months ago
- The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access… ☆54 · Updated this week
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA. ☆246 · Updated 2 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework. ☆95 · Updated last year
- Active C&C Detector ☆153 · Updated last year
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner. ☆207 · Updated last year
- ☆189 · Updated 2 years ago
- PowerShell Linter ☆50 · Updated this week
- A python script developed to process Windows memory images based on triage type. ☆261 · Updated last year
- Cobalt Strike Beacon configuration extractor and parser. ☆153 · Updated 3 years ago
- ☆61 · Updated 9 months ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles ☆164 · Updated last week
- ☆216 · Updated 2 months ago
- Finding secrets in kernel and user memory ☆115 · Updated last year
- Project for identifying executables that have command-line options that can be obfuscated, possibly bypassing detection rules. ☆166 · Updated 2 months ago
- Fraktal's Ransomware Emulator ☆102 · Updated 11 months ago
- ☆207 · Updated 3 years ago
- Rules Shared by the Community from 100 Days of YARA 2023 ☆76 · Updated last year