eset / vba-dynamic-hook
VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls
☆145Updated 8 years ago
Related projects: ⓘ
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆272Updated 2 years ago
- Reconstruct process trees from event logs☆143Updated 4 years ago
- Lazy Office Analyzer☆118Updated 7 years ago
- A tool for detecting VBA stomping.☆95Updated 2 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆104Updated 3 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆111Updated 3 months ago
- A VBA p-code disassembler☆450Updated 3 years ago
- Log newly created WMI consumers and processes to the Windows Application event log☆123Updated 6 years ago
- Python script to decode common encoded PowerShell scripts☆214Updated 6 years ago
- A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses☆114Updated 7 years ago
- ☆149Updated this week
- ☆82Updated 8 years ago
- ☆213Updated 6 years ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆278Updated 7 years ago
- ☆101Updated this week
- Smart DLL execution for malware analysis in sandbox systems☆141Updated 9 years ago
- IR-Tools - PowerShell tools for IR☆128Updated 7 years ago
- ☆210Updated this week
- Extract embedded files and macros from office documents.☆177Updated 9 months ago
- ☆134Updated 5 years ago
- Comae Hibernation File Decompressor☆141Updated last year
- Windows Live Artifacts Acquisition Script☆181Updated 2 years ago
- ☆175Updated this week
- Command line tool for scanning streams within office documents plus xor db attack☆125Updated 11 months ago
- Ruxcon2016 POC Code☆136Updated 7 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 7 years ago
- Various Yara signatures (possibly to be included in a release later).☆83Updated 5 years ago
- ☆415Updated last year
- Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in…☆154Updated 4 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆218Updated 4 years ago