bontchev / pcodedmpLinks
A VBA p-code disassembler
☆470Updated 3 years ago
Alternatives and similar repositories for pcodedmp
Users that are interested in pcodedmp are comparing it to the libraries listed below
Sorting:
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆278Updated 3 years ago
- a vba pcode decompiler based on pcodedmp☆109Updated 3 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,092Updated 10 months ago
- A tool for detecting VBA stomping.☆100Updated 2 years ago
- VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls☆149Updated 9 years ago
- VBA Obfuscation Tools combined with an MS office document generator☆547Updated 7 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆581Updated last year
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆806Updated 5 years ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆282Updated 7 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆424Updated 4 years ago
- ☆428Updated 2 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆221Updated 4 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆96Updated 2 weeks ago
- FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis☆161Updated 5 months ago
- A list of ways to execute code on Windows using legitimate Windows tools☆307Updated 6 years ago
- ☆216Updated 7 years ago
- Commandline low level file extractor for NTFS☆287Updated 5 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆108Updated 4 years ago
- For all these times you're asking yourself "what is this panel again?"☆255Updated 2 years ago
- Generating YARA rules based on binary code☆210Updated 3 years ago
- Tool suite for inspecting NTFS artifacts.☆223Updated last year
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆193Updated 2 months ago
- PoC of a VBA macro spawning a process with a spoofed parent and command line.☆380Updated 5 years ago
- AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence" since 2019.☆387Updated 6 years ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆447Updated 2 years ago
- ☆302Updated 4 years ago
- Parser for $LogFile on NTFS☆196Updated last week
- Windows registry file format specification☆338Updated 6 years ago
- PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.☆644Updated 10 months ago
- ☆276Updated 2 years ago