forensicxlab / VISION-ProcMon

Related projects: ⓘ

• evild3ad / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆216Updated 6 months ago
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆108Updated last year
• gtworek / VolatileDataCollector
  ☆168Updated 8 months ago
• ExaTrack / Kdrill
  Python tool to check rootkits in Windows kernel
  ☆164Updated last month
• RussianPanda95 / Yara-Rules
  Repository of Yara Rules
  ☆83Updated last week
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆104Updated 2 months ago
• jsecurity101 / JonMon
  ☆154Updated last month
• jsecurity101 / TelemetrySource
  ☆214Updated 4 months ago
• dodo-sec / Malware-Analysis
  ☆131Updated last year
• mandiant / VM-Packages
  Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
  ☆138Updated this week
• mgeeky / msidump
  MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.
  ☆190Updated last year
• Malandrone / PowerDecode
  PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…
  ☆147Updated 4 months ago
• floesen / EventLogCrasher
  ☆181Updated 7 months ago
• Immersive-Labs-Sec / SliverC2-Forensics
  A collection of tools and detections for the Sliver C2 Frameworj
  ☆104Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆148Updated 11 months ago
• deepinstinct / NoFilter
  ☆290Updated last year
• Unprotect-Project / Unprotect_Submission
  Repository to publish your evasion techniques and contribute to the project
  ☆128Updated 2 weeks ago
• jstrosch / sclauncher
  A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …
  ☆121Updated last month
• StrangerealIntel / Orion
  A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...
  ☆136Updated 10 months ago
• ACE-Responder / RogueSliver
  A suite of tools to disrupt campaigns using the Sliver C2 framework.
  ☆245Updated last year
• Ahmed-AL-Maghraby / Windows-Registry-Analysis-Cheat-Sheet
  ☆145Updated last year
• 100DaysofYARA / 2024
  Rules shared by the community from 100 Days of YARA 2024
  ☆75Updated 5 months ago
• outflanknl / edr-internals
  Tools for analyzing EDR agents
  ☆200Updated 3 months ago
• archcloudlabs / HackSpaceCon_Malware_Analysis_Course
  Free training course offered at Hack Space Con 2023
  ☆131Updated last year
• SentineLabs / SentinelLabs_RevCore_Tools
  The Windows Malware Analysis Reversing Core Tools
  ☆88Updated 3 years ago
• SafeBreach-Labs / aikido_wiper
  ☆63Updated last year
• jsecurity101 / ETWInspector
  ☆150Updated 4 months ago
• struppigel / hedgehog-tools
  ☆103Updated last month
• MazX0p / ThreatHound
  ☆153Updated 9 months ago
• FourCoreLabs / LolDriverScan
  Scan vulnerable drivers on Windows with loldrivers.io
  ☆162Updated last year