Powershell Linter
☆89Mar 3, 2026Updated this week
Alternatives and similar repositories for minusone
Users that are interested in minusone are comparing it to the libraries listed below
Sorting:
- YARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js☆11May 27, 2024Updated last year
- Linux BPF plugins for Volatility3☆23Jan 19, 2024Updated 2 years ago
- Native Rust bindings for @horsicq's Detect-It-Easy☆19Nov 11, 2025Updated 3 months ago
- USN Journal full path builder☆66Sep 16, 2024Updated last year
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆86Jan 26, 2026Updated last month
- ☆20Jan 10, 2025Updated last year
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆80Aug 7, 2024Updated last year
- A collection of modules and scripts to help with analyzing Nim binaries☆83Oct 7, 2024Updated last year
- A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.☆42Jan 2, 2026Updated 2 months ago
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆22Jan 5, 2025Updated last year
- A UEFI Application that hooks SetVariable to allow a user-space program to access kernel memory.☆20Jun 15, 2020Updated 5 years ago
- JPCERT/CC public YARA rules repository☆109Nov 14, 2025Updated 3 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆103Jan 13, 2026Updated last month
- The first open source runtime windows batch and command line deobfuscator☆43Aug 20, 2025Updated 6 months ago
- Forensic Scanner☆41Nov 29, 2012Updated 13 years ago
- Trace ScriptBlock execution for powershell v2☆40Jan 14, 2020Updated 6 years ago
- GPO Bypass is a tool / proof-of-concept that highlights how one can bypass Group Policy enforced policies. It uses Firefox as an example.☆14Jan 28, 2023Updated 3 years ago
- ShellSweeping the evil.☆181Nov 25, 2024Updated last year
- Generate Volatility3 profiles from BTF.☆31Dec 21, 2024Updated last year
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆23Aug 7, 2024Updated last year
- Library of threat hunts to get any user started!☆50Sep 4, 2020Updated 5 years ago
- Standalone Metasploit-like XOR encoder for shellcode☆51May 12, 2024Updated last year
- Extract data of TTD trace file to a minidump☆30Jul 31, 2023Updated 2 years ago
- An eBPF detection program for CVE-2022-0847☆29Jul 5, 2022Updated 3 years ago
- ☆17May 2, 2024Updated last year
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recomman…☆11Mar 2, 2023Updated 3 years ago
- RegRipper4.0☆84Dec 10, 2025Updated 2 months ago
- Custom nuclei templates for bug hunting.....☆26May 30, 2024Updated last year
- ☆24Oct 30, 2024Updated last year
- Configuration Extractors for Malware☆124Apr 23, 2025Updated 10 months ago
- ☆115Feb 13, 2026Updated 3 weeks ago
- ☆13Dec 24, 2023Updated 2 years ago
- ☆15May 3, 2024Updated last year
- The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.☆65Apr 15, 2024Updated last year
- A GUI and CLI tool for removing bloat from executables☆443Jul 5, 2025Updated 8 months ago
- Sample Rust Hooking Engine☆36Apr 5, 2024Updated last year
- Publicly shareable windows event log message data☆28Nov 29, 2019Updated 6 years ago