Squiblydoo / debloat
A GUI and CLI tool for removing bloat from executables
☆332Updated 3 weeks ago
Related projects: ⓘ
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆485Updated this week
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…☆269Updated 6 months ago
- Living Off The Land Drivers☆981Updated last week
- Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!☆249Updated last month
- Different learning materials☆214Updated last month
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …☆271Updated last year
- Memory acquisition for Linux that makes sense.☆143Updated 9 months ago
- A centralized and enhanced memory analysis platform☆355Updated last week
- ☆458Updated 9 months ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆147Updated 4 months ago
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆138Updated this week
- CLI tools for forensic investigation of Windows artifacts☆296Updated last month
- ☆168Updated 8 months ago
- A ProcessMonitor visualization application written in rust.☆175Updated last year
- Gets updates from various clearnet domains and ransomware threat actor domains☆347Updated 4 months ago
- ☆145Updated last year
- High Octane Triage Analysis☆629Updated this week
- Malduck is your ducky companion in malware analysis journeys☆313Updated 3 months ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆544Updated 11 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆139Updated 2 months ago
- Jupyter Notebooks for the Blue Team☆139Updated last year
- Python tool to check rootkits in Windows kernel☆164Updated last month
- Collection of Volatility3 symbols, generated against Linux and macOS kernels.☆53Updated this week
- Parses $MFT from NTFS file systems☆183Updated this week
- ☆296Updated this week
- Search Index Database Reporter☆87Updated last year
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆347Updated last year
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.☆149Updated 6 months ago
- The Volatility Collaborative GUI☆217Updated last week
- PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.☆305Updated last month