decalage2 / oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
☆2,985 | Updated 3 weeks ago
Alternatives and similar repositories for oletools:
Users that are interested in oletools are comparing it to the libraries listed below
- Please no pull requests for this repository. Thanks! | ☆2,124 | Updated last week
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool | ☆1,850 | Updated 3 weeks ago
- A VBA parser and emulation engine to analyze malicious macros. | ☆1,069 | Updated 7 months ago
- YARA signature and IOC database for my scanners and tools | ☆2,550 | Updated this week
- Loki - Simple IOC and YARA Scanner | ☆3,461 | Updated 2 months ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log | ☆2,823 | Updated 7 months ago
- A curated list of awesome YARA rules, tools, and people. | ☆3,679 | Updated this week
- A toolset to make a system look as if it was the victim of an APT attack | ☆2,519 | Updated last year
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. | ☆3,409 | Updated this week
- yarGen is a generator for YARA rules | ☆1,600 | Updated 8 months ago
- macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other f… | ☆2,211 | Updated 6 months ago
- Mimikatz implementation in pure Python | ☆2,946 | Updated last month
- Repository of yara rules | ☆4,284 | Updated 9 months ago
- Automated Adversary Emulation Platform | ☆5,847 | Updated this week
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro… | ☆2,149 | Updated last year
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i… | ☆3,005 | Updated 6 months ago
- Wiki to collect Red Team infrastructure hardening resources | ☆4,220 | Updated 10 months ago
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env… | ☆6,898 | Updated this week
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… | ☆4,110 | Updated last year
- Noriben - Portable, Simple, Malware Analysis Sandbox | ☆1,139 | Updated last year
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts) | ☆7,271 | Updated 2 weeks ago
- Interesting APT Report Collection And Some Special IOC | ☆2,496 | Updated this week
- A collaborative, multi-platform, red teaming framework | ☆3,420 | Updated this week
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers | ☆2,635 | Updated 6 months ago
- Privilege Escalation Project - Windows / Linux / Mac | ☆2,481 | Updated 4 months ago
- A tool to abuse Exchange services | ☆2,194 | Updated 8 months ago
- Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's po… | ☆3,786 | Updated last year
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv… | ☆5,647 | Updated 2 weeks ago
- Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. | ☆4,373 | Updated last month
- PowerShell Obfuscator | ☆3,852 | Updated last year