Squiblydoo / debloat
A GUI and CLI tool for removing bloat from executables
☆411 Updated last month
Alternatives and similar repositories for debloat
Users that are interested in debloat are comparing it to the libraries listed below
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… ☆382 Updated 7 months ago
- Memory acquisition for Linux that makes sense. ☆205 Updated last year
- Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress! ☆382 Updated last year
- A repository of credential stealer formats ☆224 Updated 2 months ago
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VMs from malware that may be trying to … ☆306 Updated last month
- PowerDecode is a PowerShell-based tool that deobfuscates PowerShell scripts obfuscated across multiple layers. The tool performs… ☆205 Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. ☆193 Updated last week
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR ☆671 Updated last month
- A ProcessMonitor visualization application written in Rust. ☆183 Updated 2 years ago
- ☆161 Updated 2 years ago
- A centralized and enhanced memory analysis platform ☆489 Updated last month
- Records an executable's network activity into a Full Packet Capture file (.pcap) and much more. ☆424 Updated 4 months ago
- ☆371 Updated this week
- Different learning materials ☆228 Updated 5 months ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆172 Updated 4 months ago
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&… ☆368 Updated 2 years ago
- CLI tools for forensic investigation of Windows artifacts ☆346 Updated last month
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆150 Updated 11 months ago
- Repository of Yara Rules ☆115 Updated 4 months ago
- ☆238 Updated 2 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool ☆238 Updated this week
- Python tool to check rootkits in Windows kernel ☆199 Updated last week
- ☆204 Updated 10 months ago
- DFIR LABS - A compilation of challenges that aims to provide practice in simple to advanced concepts in the following topics: Digital For… ☆334 Updated 2 weeks ago
- Nuke It From Orbit - remove AV/EDR with physical access ☆262 Updated 8 months ago
- Windows Forensics Environment Builder ☆156 Updated last month
- ☆503 Updated last year
- Rules shared by the community from 100 Days of YARA 2024 ☆85 Updated 7 months ago
- Multi-quarantine extractor ☆47 Updated 3 months ago
- Research notes ☆128 Updated 8 months ago