A tool for de-obfuscating PowerShell scripts
☆71 · Apr 24, 2019 · Updated 6 years ago
Alternatives and similar repositories for PowerDrive
Users that are interested in PowerDrive are comparing it to the libraries listed below
- Generates YARA rules to detect malware using API hashing ☆17 · Mar 16, 2021 · Updated 4 years ago
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff ☆58 · Sep 15, 2025 · Updated 5 months ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team. ☆12 · Mar 27, 2019 · Updated 6 years ago
- Converting data from services like Censys and Shodan to a common data model ☆52 · Feb 22, 2026 · Updated last week
- PowerShell script for deobfuscating encoded PowerShell scripts ☆434 · Feb 4, 2021 · Updated 5 years ago
- ☆13 · Nov 10, 2020 · Updated 5 years ago
- simple demo of using C# & System.Management.Automation.dll to run powershell code (b64 encoded) without powershell.exe ☆14 · Mar 29, 2017 · Updated 8 years ago
- Steezy - Ghetto Yara Generation ☆15 · Mar 27, 2023 · Updated 2 years ago
- Plugins for the Viper Framework ☆14 · Sep 21, 2019 · Updated 6 years ago
- ☆15 · Jun 5, 2019 · Updated 6 years ago
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll ☆62 · Apr 18, 2019 · Updated 6 years ago
- Extract information from MISP via the API ☆16 · Jul 18, 2016 · Updated 9 years ago
- Vagrant configuration to setup a Thug honeyclient VM ☆20 · Feb 26, 2015 · Updated 11 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx ☆15 · Apr 26, 2021 · Updated 4 years ago
- Parsing of YARA rules into AST and building new rulesets in C++. ☆129 · Jan 25, 2026 · Updated last month
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo ☆29 · Jun 11, 2020 · Updated 5 years ago
- Non organized Cpp code files I used for my research on Windows ☆28 · Aug 9, 2020 · Updated 5 years ago
- Python bindings for the Zydis disassembler library ☆17 · Jul 2, 2019 · Updated 6 years ago
- We implement IoTPOT, a novel honeypot to emulate Telnet services of various IoT devices to analyze ongoing attacks in depth. IoTPOT consi… ☆26 · Sep 4, 2015 · Updated 10 years ago
- LD_PRELOAD rootkit utils ☆16 · Jul 3, 2015 · Updated 10 years ago
- Telsy CTI Research Team ☆57 · Dec 15, 2020 · Updated 5 years ago
- Privesc through import of Scheduled tasks + Hardlinks - CVE-2019-1069 ☆37 · Jun 26, 2019 · Updated 6 years ago
- OLE Package Format Documentation ☆23 · Jun 13, 2020 · Updated 5 years ago
- Capa analysis importer for Ghidra. ☆64 · Dec 2, 2020 · Updated 5 years ago
- A Binary Genetic Traits Lexer Framework ☆523 · Updated this week
- Hex-Rays microcode API plugin for breaking an obfuscating compiler ☆84 · Jun 29, 2019 · Updated 6 years ago
- ☆25 · Aug 11, 2020 · Updated 5 years ago
- ☆21 · Jan 28, 2020 · Updated 6 years ago
- Repository for scripts and tips for "Yara Scan Service" ☆20 · Feb 19, 2023 · Updated 3 years ago
- Starting Code for my How to Write Malware 101 Class. This is a Proof of Concept of a C# RAT (Remote Access Trojan) made by Sean Pierce (@… ☆21 · May 29, 2018 · Updated 7 years ago
- CVE Builder script that generates STIX formatted Exploit Target objects ☆18 · Oct 18, 2016 · Updated 9 years ago
- ☆16 · Apr 30, 2024 · Updated last year
- Bypass AMSI and Defender using Ordinal Values ☆41 · Apr 15, 2020 · Updated 5 years ago
- Script analysis tool based on Frida.re ☆131 · May 31, 2017 · Updated 8 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆23 · Jan 31, 2024 · Updated 2 years ago
- Flexible framework that allows automation to process cyber threat information and update endpoint defense tools. ☆20 · Oct 24, 2018 · Updated 7 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing ☆25 · May 29, 2023 · Updated 2 years ago
- This repository regroups the Yara Rules for the Unprotect Project ☆26 · Nov 19, 2020 · Updated 5 years ago
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents. ☆280 · Dec 13, 2021 · Updated 4 years ago