A C# based tool for analysing malicious OneNote documents
☆119Apr 4, 2023Updated 3 years ago
Alternatives and similar repositories for OneNoteAnalyzer
Users that are interested in OneNoteAnalyzer are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- Script to pull newly-registered domains and check for similarity against a provided word list.☆13Aug 2, 2020Updated 5 years ago
- A Bumblebee-inspired Crypter☆80Dec 5, 2022Updated 3 years ago
- A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within.☆33Dec 5, 2022Updated 3 years ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆98Aug 27, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆37Mar 15, 2023Updated 3 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆109Feb 12, 2023Updated 3 years ago
- A list of RMMs designed to be used in automation to build alerts☆120Nov 9, 2025Updated 7 months ago
- PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record☆45Dec 15, 2023Updated 2 years ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆132Nov 25, 2023Updated 2 years ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- ☆142Jun 21, 2023Updated 3 years ago
- Fully modular persistence framework☆259Apr 10, 2023Updated 3 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆65Oct 17, 2023Updated 2 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).��☆57Oct 10, 2022Updated 3 years ago
- ☆24Jul 7, 2023Updated 2 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Apr 10, 2022Updated 4 years ago
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.☆330May 1, 2025Updated last year
- Imphash-like calculation on Golang binaries☆50Jul 2, 2022Updated 3 years ago
- ☆27Feb 6, 2022Updated 4 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆12Oct 1, 2022Updated 3 years ago
- A python library to parse OneNote (.one) files☆153Jul 11, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Python module for running BOFs☆80Nov 28, 2025Updated 7 months ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆75Apr 18, 2024Updated 2 years ago
- DynamicSyscalls is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking)☆66Nov 13, 2022Updated 3 years ago
- ☆119Aug 7, 2022Updated 3 years ago
- ☆124Oct 9, 2023Updated 2 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Oct 28, 2022Updated 3 years ago
- A golang CLI tool to download malware from a variety of sources.☆151Jul 3, 2025Updated 11 months ago
- A GUI and CLI tool for removing bloat from executables☆451Jun 9, 2026Updated 3 weeks ago
- a tool to help operate in EDRs' blind spots☆769Dec 2, 2024Updated last year
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- IDA plugin to deobfuscate emotet CFF☆18Apr 26, 2022Updated 4 years ago
- Aims to identify sleeping beacons☆671Jan 25, 2026Updated 5 months ago
- ☆209May 10, 2026Updated last month
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆97Apr 13, 2023Updated 3 years ago
- JPCERT/CC public YARA rules repository☆111Mar 9, 2026Updated 3 months ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆38Dec 7, 2025Updated 6 months ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆262Oct 29, 2025Updated 8 months ago