A tool for detecting VBA stomping.
☆101Aug 4, 2022Updated 3 years ago
Alternatives and similar repositories for VBASeismograph
Users that are interested in VBASeismograph are comparing it to the libraries listed below
Sorting:
- A VBA p-code disassembler☆484Jun 12, 2021Updated 4 years ago
- Crack your macros like the math pros.☆33Feb 14, 2017Updated 9 years ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆293Jun 27, 2017Updated 8 years ago
- CLI tool for testing Office documents with macros using MaliciousMacroBot☆12Dec 3, 2023Updated 2 years ago
- A Simple CLI App to mark all EXCEL sheets visible (i.e. sets "Very Hidden" and "Hidden" to "Visible")☆11Apr 16, 2020Updated 5 years ago
- Simple DDE object detector☆56Nov 24, 2017Updated 8 years ago
- ☆263Apr 10, 2023Updated 2 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,119Jul 10, 2024Updated last year
- Automatic analysis of SWF files based on some heuristics. Extensible via plugins.☆120Jun 19, 2019Updated 6 years ago
- Cheat-Sheet with events too look out for when analysing malicious Office documents☆19Oct 21, 2017Updated 8 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆585May 5, 2024Updated last year
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆812Dec 17, 2019Updated 6 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆434Feb 4, 2021Updated 5 years ago
- Python script which will type a file into an RDP session. For when drag and drop and disk mounting is not possible☆33May 3, 2024Updated last year
- VBA Obfuscation Tools combined with an MS office document generator☆551Oct 15, 2017Updated 8 years ago
- ☆349Mar 19, 2021Updated 4 years ago
- Automate AV evasion by calling AMSI☆88May 31, 2023Updated 2 years ago
- ☆11Jun 9, 2020Updated 5 years ago
- VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls☆153Mar 17, 2016Updated 9 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆2,233Dec 27, 2023Updated 2 years ago
- An example of how to spawn a process with a spoofed parent PID (Visual C++)☆29Mar 3, 2019Updated 7 years ago
- Script to parse Process Monitor XML log file, and give you a summary report.☆23May 4, 2016Updated 9 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆84Jun 1, 2022Updated 3 years ago
- UAC Bypass with mmc via alpc☆158Apr 5, 2019Updated 6 years ago
- Script that searches through all COM objects for any methods containing a key word of your choosing.☆73Feb 28, 2020Updated 6 years ago
- Automatically create YARA rules from malicious documents.☆211May 16, 2022Updated 3 years ago
- Python based Office Macro Generator. Also does rudamentary obfuscation.☆12Jun 6, 2016Updated 9 years ago
- ☆16Apr 14, 2020Updated 5 years ago
- ☆182Feb 21, 2022Updated 4 years ago
- Finds sensitive stuff in your git repository by specifying terms to look for☆31Feb 16, 2018Updated 8 years ago
- This python based milter (mail-filter) checks an incoming mail for suspicious VBA macro code in MS 20xx Office attachments (doc, xls, ppt…�☆39Mar 29, 2021Updated 4 years ago
- PSAmsi is a tool for auditing and defeating AMSI signatures.☆398Apr 22, 2018Updated 7 years ago
- ☆37Aug 18, 2019Updated 6 years ago
- xlrd2 is a variant of xlrd that is actively maintained☆23Aug 1, 2024Updated last year
- Standalone CIRCLean/KittenGroomer code to sanitize emails.☆11Aug 9, 2018Updated 7 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- Code for blogpost: https://outflank.nl/blog/2018/10/25/building-resilient-c2-infrastructues-using-dns-over-https/☆55Oct 25, 2018Updated 7 years ago
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆280Dec 13, 2021Updated 4 years ago
- Powershell MS Outlook enumeration and phishing tool☆77May 26, 2016Updated 9 years ago