herrcore / LocalShellExtParse
Script to parse first load time for Shell Extensions loaded by user. Also enumerates all loaded Shell Extensions that are only installed for the Current User.
☆20Updated 9 years ago
Alternatives and similar repositories for LocalShellExtParse:
Users that are interested in LocalShellExtParse are comparing it to the libraries listed below
- POC for IAT Parsing Payloads☆47Updated 8 years ago
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Updated 8 years ago
- ☆16Updated 10 years ago
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆49Updated 7 years ago
- PowerShell Empire module for logging USB keystrokes via ETW☆31Updated 8 years ago
- Tools to enumerate Windows Firewall Hook Drivers on Windows 2000, XP and 2003☆20Updated 10 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- Invoke remote powershell scripts in memory of compromised hosts.☆10Updated 10 years ago
- officefileinfo is a python script to help analyse the newer Microsoft Office file formats. There are numerous tools for dealing with the …☆16Updated 8 years ago
- Carve Windows Prefetch files from arbitrary binary data☆14Updated 7 years ago
- A tool to generate yara signatures from function blocks☆19Updated 10 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago
- Crack your macros like the math pros.☆33Updated 8 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Updated 5 years ago
- Scan web server for known webshell names and responses☆50Updated 8 years ago
- Volatility Plugins☆21Updated 9 years ago
- ☆10Updated 9 years ago
- Volatility Plugin to scan for shimmed processes in Windows☆10Updated 9 years ago
- Spam Honeypot with Intelligent Virtual Analyzer☆10Updated 9 years ago
- Recurse through a registry, identifying values with large data -- a registry malware hunter☆44Updated 8 years ago
- Remote timing attack exploit against most Zeus/Zbot variants including Citadel, Ice9, Zeus 2.3, KINS/ZeusVM etc..☆24Updated 9 years ago
- McAfee ePolicy 0wner exploit code☆46Updated 6 years ago
- Portable utility to check if a machine has been infected by Shamoon2☆15Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- PAC HTTPS leak demo from DEF CON 24 'Toxic Proxies' talk☆30Updated 8 years ago
- Server for receiving autorun data from the clients☆13Updated 7 years ago
- Making shellcode UD - https://osandamalith.com☆24Updated 8 years ago
- A short and small memory forensics helper.☆52Updated 7 years ago
- Fileless SQL Server CLR-based Custom Stored Procedure Command Execution☆35Updated 8 years ago
- ☆42Updated 6 years ago