Sh3lldor / PVT
PCAP visualization tool
☆101 · Updated last year
Related projects:
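The page shows only the repository card, not PVT's code. As an added example (this is not the project's code, and every name in it is this example's own), the block below does the first thing any PCAP visualizer has to do: read the libpcap container, pick apart Ethernet/IPv4 frames, and reduce them to a per-conversation byte table that a plot would be drawn from. It handles both file byte orders and nanosecond-timestamp captures, stops cleanly at a record that overruns the file (what a capture cut short by a crashed sniffer looks like), and embeds a constructed three-packet capture so it runs offline. pcapng is deliberately out of scope.

```python
"""Minimal libpcap reader that reduces a capture to per-conversation byte counts."""
import struct
from collections import Counter

# libpcap magic numbers; the file's byte order is inferred from how they appear on disk.
MAGIC_USEC = 0xA1B2C3D4
MAGIC_NSEC = 0xA1B23C4D
LINKTYPE_ETHERNET = 1


def _ipv4_frame(src, dst, sport, dport, payload=b"", proto=6):
    """Build one Ethernet/IPv4/TCP (proto 6) or UDP (proto 17) frame for the sample.
    Checksums are left zero: this is constructed data and the reader does not verify them."""
    if proto == 6:
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 0x50, 0x18, 65535, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    total = 20 + len(l4) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 1, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    eth = b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb" + b"\x08\x00"
    return eth + ip + l4 + payload


def build_sample_pcap() -> bytes:
    """Constructed three-packet capture (little-endian, microsecond timestamps).
    Addresses are from the RFC 5737 documentation range; nothing here is real traffic."""
    frames = [
        _ipv4_frame("10.0.0.5", "203.0.113.7", 51000, 443, b"x" * 100),
        _ipv4_frame("203.0.113.7", "10.0.0.5", 443, 51000, b"y" * 1400),
        _ipv4_frame("10.0.0.5", "10.0.0.1", 53001, 53, b"q" * 40, proto=17),
    ]
    out = struct.pack("<IHHiIII", MAGIC_USEC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out


def read_pcap(data: bytes):
    """Yield (timestamp_seconds, captured_bytes, original_length) per record.
    Stops at the first record whose captured length overruns the file."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    magic_le, = struct.unpack("<I", data[:4])
    magic_be, = struct.unpack(">I", data[:4])
    if magic_le in (MAGIC_USEC, MAGIC_NSEC):
        order, magic = "<", magic_le
    elif magic_be in (MAGIC_USEC, MAGIC_NSEC):
        order, magic = ">", magic_be
    else:
        raise ValueError("not a libpcap file (pcapng is not handled here)")
    divisor = 1e9 if magic == MAGIC_NSEC else 1e6
    linktype, = struct.unpack(order + "I", data[20:24])
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")
    off = 24
    while off + 16 <= len(data):
        ts_sec, ts_frac, incl_len, orig_len = struct.unpack(order + "IIII", data[off:off + 16])
        off += 16
        if off + incl_len > len(data):
            break  # truncated record: report what was read rather than crash
        yield ts_sec + ts_frac / divisor, data[off:off + incl_len], orig_len
        off += incl_len


def decode_frame(frame: bytes):
    """Return (src, dst, proto, sport, dport) for an Ethernet/IPv4 frame, else None.
    Ports are None for anything other than TCP/UDP."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ihl = (frame[14] & 0x0F) * 4
    proto = frame[23]
    src = ".".join(map(str, frame[26:30]))
    dst = ".".join(map(str, frame[30:34]))
    l4 = frame[14 + ihl:]
    sport = dport = None
    if proto in (6, 17) and len(l4) >= 4:
        sport, dport = struct.unpack("!HH", l4[:4])
    return src, dst, proto, sport, dport


def conversation_bytes(data: bytes) -> Counter:
    """Wire bytes per directed 5-tuple: the table a visualizer would plot."""
    table = Counter()
    for _ts, frame, orig_len in read_pcap(data):
        key = decode_frame(frame)
        if key is not None:
            table[key] += orig_len
    return table


if __name__ == "__main__":
    for key, nbytes in conversation_bytes(build_sample_pcap()).most_common():
        print(f"{key[0]}:{key[3]} -> {key[1]}:{key[4]} proto={key[2]} bytes={nbytes}")
```

Summing `orig_len` rather than `len(frame)` matters when the capture used a small snaplen: the plot should reflect bytes on the wire, not bytes the sniffer kept.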
- A collection of tools to interact with Microsoft Security Response Center API ☆95 · Updated 8 months ago
- A tool to find folders excluded from AV real-time scanning using a time oracle ☆230 · Updated 7 months ago
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK ☆305 · Updated last year
- A repo to support the book ☆103 · Updated 3 years ago
- A ProcessMonitor visualization application written in Rust ☆175 · Updated last year
- Cobalt Strike Beacon configuration extractor and parser ☆142 · Updated 3 years ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR ☆216 · Updated 6 months ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files ☆121 · Updated 3 months ago
- A golang CLI tool to download malware from a variety of sources ☆139 · Updated 7 months ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆334 · Updated this week
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles ☆145 · Updated 8 months ago
- The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access… ☆41 · Updated this week
- A guide on how to write fast and memory friendly YARA rules ☆123 · Updated last year
- This repository contains procedures found in the Feb 2022 conti leaks. They were taken from the "manual_teams_c" rocketchat channel in th… ☆87 · Updated 2 years ago
- The Windows Malware Analysis Reversing Core Tools ☆88 · Updated 3 years ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA. ☆238 · Updated last year
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ... ☆136 · Updated 10 months ago
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework ☆94 · Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM ☆138 · Updated this week
- Rules shared by the community from 100 Days of YARA 2024 ☆75 · Updated 5 months ago
- A suite of tools to disrupt campaigns using the Sliver C2 framework ☆245 · Updated last year
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck ☆125 · Updated 9 months ago
- Tuoni ☆47 · Updated this week