kevthehermit / volatility_plugins
Volatility Plugins
☆61 · Updated last year
Related projects:
- Static-based decoders for malware samples ☆93 · Updated 4 years ago
- Toolset for researching malware and Cobalt Strike beacons ☆205 · Updated last year
- POSHSPY backdoor code ☆43 · Updated 7 years ago
- Telsy CTI Research Team ☆57 · Updated 3 years ago
- A repo to hold some scripts pertaining to WMI (Windows implementation of WBEM) forensics ☆85 · Updated 6 years ago
- Smart DLL execution for malware analysis in sandbox systems ☆141 · Updated 9 years ago
- Malware Sinkhole List in various formats ☆102 · Updated 2 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis ☆43 · Updated 6 years ago
- A "tiny" meterpreter stager ☆127 · Updated 5 years ago
- Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017) ☆102 · Updated 3 years ago
- Repository of yara rules ☆45 · Updated 9 years ago
- Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality ☆82 · Updated last year
- Decodes PlugX traffic and encrypted/compressed artifacts ☆37 · Updated 11 years ago
- Detect kerberos attacks in pcap files ☆27 · Updated 8 years ago
- A tool for de-obfuscating PowerShell scripts ☆65 · Updated 5 years ago
- Historical list of {Cobalt Strike,NanoHTTPD} servers ☆123 · Updated 5 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre… ☆40 · Updated 5 years ago
- ☆85 · Updated this week
- ☆28 · Updated this week
- ☆149 · Updated this week
- APT || Execution || Launch || APTs || ( Authors harr0ey, bohops ) ☆107 · Updated 6 years ago
- Malware samples observed in the wild from time to time ☆12 · Updated 5 years ago
- Windows link file (shortcuts) examiner ☆65 · Updated 3 months ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration ☆104 · Updated 6 years ago
- Scan web server for known webshell names and responses ☆50 · Updated 8 years ago
- Parse evtx files and detect use of the DanderSpritz eventlogedit module ☆145 · Updated 6 years ago
- All the Power with no Shell ☆36 · Updated 2 years ago
- ☆85 · Updated this week
- Generate a Yara rule to find base64-encoded files containing a specific keyword ☆39 · Updated 6 years ago
- The oledump-contrib repository contains plugins and enhancements for the oledump tool published by Didier Stevens. ☆52 · Updated 8 years ago