knez / defender-dumpLinks
Dump quarantined files from Windows Defender
☆65Updated 3 years ago
Alternatives and similar repositories for defender-dump
Users that are interested in defender-dump are comparing it to the libraries listed below
Sorting:
- Carve file metadata from NTFS index ($I30) attributes☆70Updated last year
- ☆19Updated 3 years ago
- Collection of scripts used to deobfuscate GOOTLOADER malware samples.☆63Updated 8 months ago
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 8 months ago
- Recycle bin artifact parser☆50Updated 7 months ago
- Multi-quarantine extractor☆47Updated 3 months ago
- runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…☆36Updated 2 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- ☆47Updated 7 months ago
- http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html☆125Updated last year
- ☆238Updated 2 months ago
- RegRipper4.0☆62Updated 2 weeks ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆113Updated 3 years ago
- $MFT directory tree reconstruction & FILE record info☆311Updated 10 months ago
- Repository of Yara Rules☆115Updated 4 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 3 months ago
- Windows.EDB Browser☆57Updated 2 years ago
- A collection of my yara rules☆34Updated 2 years ago
- JPCERT/CC public YARA rules repository☆110Updated 8 months ago
- Elastic Security Labs releases☆80Updated last month
- Rules shared by the community from 100 Days of YARA 2024☆85Updated 8 months ago
- A specification and style guide for YARA rules☆54Updated last year
- Yara Rules for Modern Malware☆79Updated last year
- ☆252Updated last year
- ☆106Updated last year
- A ProcessMonitor visualization application written in rust.☆183Updated 2 years ago
- Powershell Linter☆80Updated last month
- ☆38Updated 4 years ago
- Malware Samples that could be used for teaching students about malware analysis.☆58Updated last year