eastmountyxz / PowershellDetect
该资源详细介绍Powershell脚本混淆、解混淆、抽象语法树提取、token提取、恶意性检测等内容,希望对您有所帮助!
☆22Updated 3 years ago
Alternatives and similar repositories for PowershellDetect
Users that are interested in PowershellDetect are comparing it to the libraries listed below
Sorting:
- 感染PE文件的病毒学习过程☆31Updated 4 years ago
- 该资源主要是作者翻译各大安全厂商的APT报告,希望对您有所帮助。☆20Updated 4 years ago
- 基于卷积神经网络的WebShell检测工具,可以检测JSP和PHP类型文件,以opcode和bytecode作为检测特征,基于Django框架☆17Updated 3 years ago
- PE学习小工具,它的作用就是将32位的PE文件的按内存对齐,然后合并所有节,接着新增一个节存放Shellcode,将程序入口位置修改到Shellcode的位置。☆18Updated 2 years ago
- Analysis Financial Attacker Groups, 金融行业攻击者团伙研究☆23Updated 3 years ago
- 修改自官方yara工具☆14Updated last year
- Detect burp☆33Updated 3 years ago
- 记录工作中遇到的一些小知识小技巧☆14Updated 2 years ago
- ☆32Updated 4 years ago
- check cs yara rules☆42Updated 3 years ago
- ☆17Updated 4 years ago
- 以子域名作为基础数据进行分析出关键词,然后基于FoFa、Shodan、Zoomye网络引擎的多维度资产探测脚本☆21Updated 4 years ago
- Godzilla v1.0 source code☆38Updated 4 years ago
- 基于行为特征进行快速匹配病毒专杀工具,辅助应急响应☆37Updated 4 years ago
- antSword的源码和加载器☆14Updated 2 years ago
- 一款http协议的漏洞扫描框架☆28Updated 5 years ago
- NOPEN Tool 又名“morerats” 莫雷斯特,是方程式工具包里的工具。☆46Updated 3 years ago
- NextB的恶意邮件识别项目☆30Updated 2 years ago
- 对恶意流量分析的练习☆24Updated 3 years ago
- 用于Dump指定进程的内存,主要利用静默退出机制(SilentProcessExit)和Windows API(MiniDumpW)实现☆25Updated 3 years ago
- CobaltStrikeDetect☆47Updated 3 years ago
- ☆37Updated 5 years ago
- a LINUX netfilter rookit by HTTP tunnel☆23Updated 3 years ago
- IDA7.6/IDA7.7 + Python3 下,Go 可执行文件的符号恢复脚本。已适配 Go1.2/Go1.16/Go1.18/Go1.20☆30Updated 7 months ago
- 分析cobaltstrike c2 协议☆68Updated 5 years ago
- 一些自己打比赛的捣蛋脚本☆50Updated 4 years ago
- cs4.0 cs 4.1 beacon加解密☆25Updated 4 years ago
- 模拟cobalt strike beacon上线包. Simulation cobalt strike beacon connection packet.☆78Updated 2 years ago
- Post-exploitation script developed using impacket☆21Updated 3 years ago
- 林中有两条路,我选择了人迹罕至的一条☆32Updated 2 years ago