PoC for hiding data within $MFT
☆12Aug 14, 2014Updated 11 years ago
Alternatives and similar repositories for StegoMft
Users that are interested in StegoMft are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Extract files off NTFS☆22Nov 1, 2014Updated 11 years ago
- Language Server Provider for ImHex's pattern language.☆15Oct 11, 2023Updated 2 years ago
- A Kaggle Playground Competition Project☆12Jan 13, 2017Updated 9 years ago
- A Keylogger written in AutoIt☆12May 26, 2014Updated 11 years ago
- A small tool to unmap PE memory dumps.☆11Nov 9, 2023Updated 2 years ago
- When you run it, it will save all stored Google Chrome passwords in Passwords.txt☆12Jun 12, 2023Updated 2 years ago
- Python based Office Macro Generator. Also does rudamentary obfuscation.☆12Jun 6, 2016Updated 9 years ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- libdt is part of the "Huorong eXtendible Stream Scan Engine" project copyright by Huorong Borui (Beijing) Technology Co., Ltd.☆14Aug 17, 2015Updated 10 years ago
- A command line tool to query the Launch Services database☆15Jul 28, 2018Updated 7 years ago
- Powerful commandline $MFT record editor.☆25Aug 15, 2015Updated 10 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆32Mar 22, 2017Updated 9 years ago
- Automatic detection of flaws in iOS sandbox profiles☆13Jun 13, 2022Updated 3 years ago
- Simple Imager has been created for performing live acquisition of Windows based systems in a forensically sound manner☆30Feb 27, 2026Updated 3 weeks ago
- System Security Project☆13Feb 28, 2017Updated 9 years ago
- A collection of AutoIT scripts I've found to be useful.☆12Sep 4, 2014Updated 11 years ago
- A collection of powershell scripts that are designed to be ran from a Microsoft Defender for Endpoint Live Response terminal, utilizing o…☆12Apr 26, 2023Updated 2 years ago
- x64dbg plugin to bypass Themida 3.1.x+ Anti-Debug, VM Detection & Monitoring Software☆19Aug 3, 2023Updated 2 years ago
- AutoIt scripts for multiple miners.☆10Jun 7, 2017Updated 8 years ago
- backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script shoul…☆16Aug 10, 2016Updated 9 years ago
- A web front-end providing a REST-ful API to mount and unmount forensic disk images☆22Feb 14, 2026Updated last month
- Digital Artefact Extraction Tool for Discord Application☆12Apr 13, 2023Updated 2 years ago
- Shell scripts for decompiling and analyzing binary files through the retdec.com REST API.☆12Jun 17, 2018Updated 7 years ago
- Capture. Detonate. Collect☆14Sep 20, 2024Updated last year
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- ☆13May 31, 2022Updated 3 years ago
- Do DFIR work in a Windows Sandbox☆21Updated this week
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- The power of posix_spawn in your shell.☆12Sep 18, 2022Updated 3 years ago
- ☆13Feb 9, 2024Updated 2 years ago
- Physical memory and MMIO read/write command line utility via asmmap64 on Windows☆18May 10, 2023Updated 2 years ago
- 冰蝎3 流量 分析解密工具☆15Jan 8, 2022Updated 4 years ago
- libcodecs is part of the "Huorong eXtendible Stream Scan Engine" project copyright by Huorong Borui (Beijing) Technology Co., Ltd.☆24Aug 17, 2015Updated 10 years ago
- Threads emulation for AutoIt3☆12Aug 14, 2016Updated 9 years ago
- Vault of Windows Registry forensic artifacts☆28Nov 12, 2025Updated 4 months ago
- 帮助苦逼溯源人员快速分析和追踪可疑IP与域名。☆20Jan 14, 2025Updated last year
- Rebuild damaged .so file section according to .dynamic section.☆16Jan 10, 2018Updated 8 years ago
- Using a convolutional neural network (ConvNet) to classify leaf species.☆25Oct 27, 2021Updated 4 years ago
- Configurations for DFIR ORC☆28Mar 28, 2024Updated last year