eset / vba-dynamic-hook
VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls
☆147Updated 9 years ago
Alternatives and similar repositories for vba-dynamic-hook:
Users that are interested in vba-dynamic-hook are comparing it to the libraries listed below
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆279Updated 3 years ago
- Lazy Office Analyzer☆119Updated 8 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆109Updated 4 years ago
- Smart DLL execution for malware analysis in sandbox systems☆143Updated 10 years ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆281Updated 7 years ago
- Log newly created WMI consumers and processes to the Windows Application event log☆124Updated 7 years ago
- Reconstruct process trees from event logs☆148Updated 4 years ago
- A tool for detecting VBA stomping.☆99Updated 2 years ago
- ☆213Updated 6 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆115Updated 10 months ago
- Comae Hibernation File Decompressor☆146Updated last year
- IR-Tools - PowerShell tools for IR☆130Updated 7 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆220Updated 4 years ago
- Python script to decode common encoded PowerShell scripts☆216Updated 6 years ago
- Parse evtx files and detect use of the DanderSpritz eventlogedit module☆148Updated 7 years ago
- Various Yara signatures (possibly to be included in a release later).☆85Updated 5 years ago
- FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis☆161Updated 3 months ago
- Ruxcon2016 POC Code☆137Updated 8 years ago
- A VBA p-code disassembler☆467Updated 3 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆85Updated 7 years ago
- ☆275Updated last year
- Extract embedded files and macros from office documents.☆179Updated last year
- zer0m0n driver for cuckoo sandbox☆87Updated 8 years ago
- ☆114Updated 7 years ago
- Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in…☆154Updated 5 years ago
- Open Source Office Malware Generation & Polymorphic Engine for Red Teams and QA testing☆95Updated 7 years ago
- ☆134Updated 6 years ago
- The content of this repository aims to assist efforts on analysing inner working principles, functionalities, and properties of the Micro…☆151Updated 4 years ago
- A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses☆115Updated 7 years ago
- ☆427Updated last year