herumi / msoffice

Related projects: ⓘ

• JPCERTCC / aa-tools
  Artifact analysis tools by JPCERT/CC Analysis Center
  ☆451Updated 2 months ago
• libyal / libyal
  Yet another library library (and tools)
  ☆201Updated last week
• libyal / libevtx
  Library and tools to access the Windows XML Event Log (EVTX) format
  ☆188Updated 2 months ago
• nmantani / FileInsight-plugins
  FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis
  ☆155Updated last month
• JPCERTCC / MalConfScan-with-Cuckoo
  Cuckoo Sandbox plugin for extracts configuration data of known malware
  ☆135Updated 8 months ago
• CyberDefenseInstitute / CDIR
  CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library
  ☆152Updated 2 years ago
• williballenthin / INDXParse
  Tool suite for inspecting NTFS artifacts.
  ☆213Updated 10 months ago
• PoorBillionaire / USN-Journal-Parser
  Python script to parse the NTFS USN Journal
  ☆105Updated 2 years ago
• nolze / msoffcrypto-tool
  Python tool and library for decrypting and encrypting MS Office files using passwords or other keys
  ☆546Updated last month
• strozfriedberg / ntfs-linker
  An NTFS journal parser
  ☆82Updated 8 years ago
• eset / vba-dynamic-hook
  VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls
  ☆145Updated 8 years ago
• Velocidex / c-aff4
  An AFF4 C++ implementation.
  ☆187Updated last year
• MalwareCantFly / Vba2Graph
  Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.
  ☆272Updated 2 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆70Updated last month
• msuhanov / regf
  Windows registry file format specification
  ☆319Updated 5 years ago
• JPCERTCC / ToolAnalysisResultSheet_jp
  分析ツール結果シート
  ☆16Updated 6 years ago
• rjhansen / nsrllookup
  Checks with NSRL RDS servers looking for for hash matches
  ☆111Updated 3 years ago
• rowingdude / analyzeMFT
  analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…
  ☆429Updated this week
• mandiant / ShimCacheParser
  ☆271Updated last year
• unixfreak0037 / officeparser
  Extract embedded files and macros from office documents.
  ☆177Updated 9 months ago
• libyal / libvshadow
  Library and tools to access the Volume Shadow Snapshot (VSS) format
  ☆109Updated last month
• libyal / libolecf
  Library and tools to access the OLE 2 Compound File (OLECF) format
  ☆67Updated last month
• godaddy / procfilter
  A YARA-integrated process denial framework for Windows
  ☆395Updated 4 years ago
• msuhanov / yarp
  Yet another registry parser
  ☆128Updated 2 years ago
• libyal / libesedb
  Library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format.
  ☆338Updated last month
• kirk-sayre-work / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆90Updated this week
• fireeye / pywintrace
  ETW Python Library
  ☆263Updated last year
• ralphje / imagemounter
  Command line utility and Python package to ease the (un)mounting of forensic disk images
  ☆116Updated last year
• bontchev / pcodedmp
  A VBA p-code disassembler
  ☆450Updated 3 years ago
• msuhanov / dfir_ntfs
  An NTFS/FAT parser for digital forensics & incident response
  ☆189Updated last year