Process Spawn Control is a PowerShell tool which aims to help in the behavioral (process) analysis of malware. PsC suspends newly launched processes, and gives the analyst the option to either keep the process suspended, or to resume it.
☆265 · Jan 15, 2022 · Updated 4 years ago
Alternatives and similar repositories for ProcessSpawnControl
Users that are interested in ProcessSpawnControl are comparing it to the libraries listed below
- Imaginary C2 is a Python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts an HTTP server which … ☆447 · Oct 26, 2022 · Updated 3 years ago
- FCL (Fileless Command Lines) - Known command lines of fileless malicious executions ☆477 · Apr 8, 2021 · Updated 4 years ago
- Extract OLEv1 objects from RTF files by instrumenting Word ☆50 · Nov 19, 2019 · Updated 6 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as PowerShell, VBA and JavaScript. Curre… ☆40 · Aug 17, 2019 · Updated 6 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication ☆129 · Nov 15, 2016 · Updated 9 years ago
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents. ☆279 · Dec 13, 2021 · Updated 4 years ago
- Lateral Movement technique using DCOM and HTA ☆235 · Oct 18, 2022 · Updated 3 years ago
- Silencing Sysmon via driver unload ☆235 · Oct 13, 2022 · Updated 3 years ago
- Your Swiss Army knife to analyze malicious web traffic based on the popular Fiddler web debugger. ☆644 · Nov 27, 2024 · Updated last year
- Simple 32/64-bit PEs loader. ☆139 · Dec 19, 2018 · Updated 7 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe) ☆328 · Mar 26, 2019 · Updated 6 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls. ☆152 · Jun 3, 2019 · Updated 6 years ago
- Python script to decode common encoded PowerShell scripts ☆217 · Jun 13, 2018 · Updated 7 years ago
- 🔵 Ethereum and BNB (BSC) Mev bot - Arbitrage ☆358 · Feb 11, 2026 · Updated 2 weeks ago
- A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4M… ☆91 · Nov 9, 2019 · Updated 6 years ago
- A machine learning tool that ranks strings based on their relevance for malware analysis. ☆752 · Jan 22, 2026 · Updated last month
- Cmd.exe Command Obfuscation Generator & Detection Test Harness ☆928 · Mar 27, 2018 · Updated 7 years ago
- ☆42 · Aug 10, 2019 · Updated 6 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API. ☆110 · Jan 20, 2021 · Updated 5 years ago
- c2 traffic ☆194 · Feb 6, 2023 · Updated 3 years ago
- ☆349 · Mar 19, 2021 · Updated 4 years ago
- PowerAvails is a unit of collection of PowerShell modules that help you get done many things ☆118 · May 31, 2019 · Updated 6 years ago
- PowerShell script for enumerating vulnerable DCOM Applications ☆266 · Nov 30, 2018 · Updated 7 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis ☆45 · Sep 16, 2017 · Updated 8 years ago
- PoC for CVE-2019-0888 - Use-After-Free in Windows ActiveX Data Objects (ADO) ☆40 · Jul 9, 2019 · Updated 6 years ago
- Resolves DLL API entrypoints for a process w/ remote query capabilities. ☆58 · Jun 23, 2017 · Updated 8 years ago
- Process Injection ☆766 · Oct 24, 2021 · Updated 4 years ago
- ☆18 · Apr 4, 2019 · Updated 6 years ago
- Enumerate and disable common sources of telemetry used by AV/EDR. ☆819 · Mar 11, 2021 · Updated 4 years ago
- A collection of scripts to initialize a Windows VM to run all the malwares! ☆107 · Apr 3, 2020 · Updated 5 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process. ☆158 · Jun 10, 2019 · Updated 6 years ago
- YARA malware query accelerator (web frontend) ☆437 · Feb 3, 2026 · Updated 3 weeks ago
- Tool for injecting a "TCP Relay" managed assembly into an unmanaged process ☆65 · May 24, 2019 · Updated 6 years ago
- PoC Thread Execution Hijacking for Win32 Code Injection ☆177 · Aug 8, 2024 · Updated last year
- The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samp… ☆746 · Dec 11, 2023 · Updated 2 years ago
- Online hash checker for Virustotal and other services ☆846 · Mar 21, 2025 · Updated 11 months ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1 ☆54 · Jul 11, 2021 · Updated 4 years ago
- Miscellaneous Malware RE ☆193 · May 1, 2022 · Updated 3 years ago
- PoC of a VBA macro spawning a process with a spoofed parent and command line. ☆381 · Apr 28, 2020 · Updated 5 years ago