Squiblydoo / debloat
A GUI and CLI tool for removing bloat from executables
☆342 · Updated last week
Related projects
Alternatives and complementary repositories for debloat
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR ☆541 · Updated 3 weeks ago
- Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress! ☆279 · Updated 3 months ago
- Memory acquisition for Linux that makes sense. ☆155 · Updated last year
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… ☆279 · Updated 8 months ago
- Different learning materials ☆215 · Updated 3 months ago
- CLI tools for forensic investigation of Windows artifacts ☆315 · Updated 2 weeks ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆140 · Updated 2 months ago
- A ProcessMonitor visualization application written in Rust. ☆176 · Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. ☆146 · Updated this week
- This repository contains sample programs that mimic behavior found in real-world malware. The goal is to provide source code that can be… ☆603 · Updated 4 months ago
- Python tool to check rootkits in Windows kernel ☆168 · Updated last week
- PowerDecode is a PowerShell-based tool that allows deobfuscating PowerShell scripts obfuscated across multiple layers. The tool performs… ☆161 · Updated 6 months ago
- A PowerShell script that attempts to help malware analysts hide their VirtualBox Windows VMs from malware that may be trying to … ☆278 · Updated last year
- Living Off The Land Drivers ☆1,039 · Updated last month
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&… ☆351 · Updated last year
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆139 · Updated this week
- Windows Forensics Environment Builder ☆111 · Updated 2 weeks ago
- Jupyter Notebooks for the Blue Team ☆141 · Updated last year
- A centralized and enhanced memory analysis platform ☆364 · Updated this week
- Gets updates from various clearnet domains and ransomware threat actor domains ☆359 · Updated 6 months ago
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms. ☆308 · Updated last month
- Research notes ☆115 · Updated last month
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare … ☆146 · Updated last month
- The Volatility Collaborative GUI ☆227 · Updated this week
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior. ☆150 · Updated 3 weeks ago