Alternatives and similar repositories for tools:

Users that are interested in tools are comparing it to the libraries listed below

• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆177Updated last year
• vu-ls / Crassus
  ☆570Updated 4 months ago
• gtworek / VolatileDataCollector
  ☆200Updated 5 months ago
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆127Updated 8 months ago
• Unprotect-Project / Unprotect_Submission
  Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…
  ☆158Updated last month
• sinfulz / JustEvadeBro
  JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
  ☆307Updated 7 months ago
• mandiant / VM-Packages
  Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
  ☆171Updated last week
• Ahmed-AL-Maghraby / Windows-Registry-Analysis-Cheat-Sheet
  ☆158Updated last year
• Malandrone / PowerDecode
  PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…
  ☆178Updated 11 months ago
• redteamsocietegenerale / DLLirant
  DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
  ☆488Updated 2 years ago
• d4rksystem / VBoxCloak
  A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …
  ☆289Updated last year
• dodo-sec / Malware-Analysis
  ☆134Updated last year
• mgeeky / msidump
  MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.
  ☆207Updated last year
• dobin / avred
  Analyse your malware to surgically obfuscate it
  ☆457Updated last month
• gh0x0st / Invoke-PSObfuscation
  An in-depth approach to obfuscating the individual components of a PowerShell payload whether you're on Windows or Kali Linux.
  ☆267Updated 2 years ago
• LOLAPPS-Project / LOLAPPS
  LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.
  ☆184Updated last month
• LETHAL-FORENSICS / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆236Updated this week
• Mr-Un1k0d3r / ATP-PowerShell-Scripts
  Microsoft Signed PowerShell scripts
  ☆214Updated 2 years ago
• Faran-17 / Windows-Internals
  Important notes and topics on my journey towards mastering Windows Internals
  ☆374Updated 11 months ago
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆203Updated 9 months ago
• deepinstinct / NoFilter
  ☆297Updated 5 months ago
• d4rksystem / VMwareCloak
  A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…
  ☆340Updated 2 months ago
• binderlabs / DirCreate2System
  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
  ☆357Updated 2 years ago
• gh0x0st / Get-ReverseShell
  A solution to create obfuscated reverse shells for PowerShell.
  ☆76Updated 2 years ago
• icyguider / LightsOut
  Generate an obfuscated DLL that will disable AMSI & ETW
  ☆319Updated 8 months ago
• deepinstinct / ContainYourself
  A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
  ☆310Updated last year
• georgesotiriadis / Chimera
  Automated DLL Sideloading Tool With EDR Evasion Capabilities
  ☆469Updated last year
• floesen / EventLogCrasher
  ☆186Updated last year
• CCob / Volumiser
  ☆376Updated 6 months ago
• IppSec / PowerSiem
  ☆119Updated last year