Process Spawn Control is a Powershell tool which aims to help in the behavioral (process) analysis of malware. PsC suspends newly launched processes, and gives the analyst the option to either keep the process suspended, or to resume it.
☆266Jan 15, 2022Updated 4 years ago
Alternatives and similar repositories for ProcessSpawnControl
Users that are interested in ProcessSpawnControl are comparing it to the libraries listed below
Sorting:
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆446Oct 26, 2022Updated 3 years ago
- FCL (Fileless Command Lines) - Known command lines of fileless malicious executions☆477Apr 8, 2021Updated 4 years ago
- Extract OLEv1 objects from RTF files by instrumenting Word☆50Nov 19, 2019Updated 6 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Nov 15, 2016Updated 9 years ago
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆280Dec 13, 2021Updated 4 years ago
- Silencing Sysmon via driver unload☆236Oct 13, 2022Updated 3 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)☆328Mar 26, 2019Updated 6 years ago
- YARA malware query accelerator (web frontend)☆437Feb 3, 2026Updated last month
- Tool for injecting a "TCP Relay" managed assembly into an unmanaged process☆65May 24, 2019Updated 6 years ago
- Your Swiss Army knife to analyze malicious web traffic based on the popular Fiddler web debugger.☆644Nov 27, 2024Updated last year
- Simple 32/64-bit PEs loader.☆139Dec 19, 2018Updated 7 years ago
- Resolves DLL API entrypoints for a process w/ remote query capabilities.☆58Jun 23, 2017Updated 8 years ago
- ☆136Jan 24, 2019Updated 7 years ago
- Lateral Movement technique using DCOM and HTA☆235Oct 18, 2022Updated 3 years ago
- ☆42Aug 10, 2019Updated 6 years ago
- c2 traffic☆194Feb 6, 2023Updated 3 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆152Jun 3, 2019Updated 6 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Sep 16, 2017Updated 8 years ago
- ☆54Aug 13, 2018Updated 7 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…☆40Aug 17, 2019Updated 6 years ago
- A collection of scripts to initialize a windows VM to run all the malwares!☆107Apr 3, 2020Updated 5 years ago
- 🔵 Ethereum and BNB (BSC) Mev bot - Arbitrage☆358Mar 4, 2026Updated 2 weeks ago
- Converts a DLL into EXE☆816Jul 23, 2023Updated 2 years ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆266Nov 30, 2018Updated 7 years ago
- ☆349Mar 19, 2021Updated 5 years ago
- ☆18Apr 4, 2019Updated 6 years ago
- A machine learning tool that ranks strings based on their relevance for malware analysis.☆754Mar 11, 2026Updated last week
- A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4M…☆91Nov 9, 2019Updated 6 years ago
- Process Injection☆768Oct 24, 2021Updated 4 years ago
- Cmd.exe Command Obfuscation Generator & Detection Test Harness☆932Mar 27, 2018Updated 7 years ago
- Ps1jacker is a tool for generating COM Hijacking payload.☆60Feb 11, 2025Updated last year
- FLARE Kernel Shellcode Loader☆177May 3, 2019Updated 6 years ago
- ☆54Apr 27, 2019Updated 6 years ago
- PowerAvails is a unit of collection of Powershell modules that help you get done many things☆118May 31, 2019Updated 6 years ago
- Tools to search through massive amounts of data☆21Oct 20, 2025Updated 5 months ago
- Windows kernel and user mode emulation.☆1,896Mar 12, 2026Updated last week
- scripts/plugins for IDA Pro☆178Jan 10, 2025Updated last year
- PoC of a VBA macro spawning a process with a spoofed parent and command line.☆381Apr 28, 2020Updated 5 years ago