Alternatives and similar repositories for StegoMft

Users that are interested in StegoMft are comparing it to the libraries listed below

• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• idiom / activemime-format
  ActiveMime File Format Documentation
  ☆18Updated 3 years ago
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆48Updated last year
• snemes / malware-analysis
  ☆23Updated 4 years ago
• memprocfshunt / MemProcFSHunter
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆44Updated 4 years ago
• KasperskyLab / Apihashes
  IDA Pro plugin for recognizing known hashes of API function names
  ☆81Updated 3 years ago
• cube0x8 / ChromeRagamuffin
  Google Chrome internals analysis using Volatility
  ☆42Updated 2 years ago
• nao-sec / rr_decoder
  Royal Road RTF Weaponizer object decoder
  ☆24Updated 9 months ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated 2 years ago
• ITAYC0HEN / SUNBURST-Cracked
  The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.
  ☆56Updated 4 years ago
• obscuritylabs / PeFixup
  PE File Blessing - To continue or not to continue
  ☆87Updated 5 years ago
• n1ght-w0lf / Uchihash
  A small utility to deal with malware embedded hashes.
  ☆51Updated last year
• MathildeVenault / SysMainView
  This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …
  ☆31Updated 4 years ago
• its-a-feature / macos_execute_from_memory
  PoC of macho loading from memory
  ☆57Updated 7 months ago
• memoryforensics1 / VolExp
  volatility explorer
  ☆91Updated 4 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆38Updated 3 years ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆31Updated 4 years ago
• TarlogicSecurity / sepriv
  Tool to manage user privileges
  ☆29Updated 5 years ago
• nccgroup / Winstrument
  Winstrument is a framework of modular scripts to aid in instrumenting Windows software using Frida for reverse engineering and attack sur…
  ☆68Updated 4 years ago
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆39Updated 4 years ago
• ufrisk / MemProcFS-plugins
  ☆56Updated 8 months ago
• jschicht / SetMace
  Manipulate timestamps on NTFS
  ☆52Updated 10 years ago
• edygert / runsc
  runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…
  ☆36Updated 2 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆33Updated 4 years ago
• pmelson / pyhexdmp
  ☆27Updated 3 years ago
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆69Updated last year
• sisoma2 / malware_analysis
  Scripts, Yara rules and other files developed during malware investigations
  ☆25Updated 2 years ago
• djhohnstein / wlbsctrl_poc
  C++ POC code for the wlbsctrl.dll hijack on IKEEXT
  ☆53Updated 6 years ago
• naxonez / YaraRules
  Yaras Random
  ☆20Updated 6 years ago
• GDATAAdvancedAnalytics / winreg-tasks
  ☆19Updated 2 years ago