libyal / assortedLinks
Assorted documentation, scripts and tools
☆34Updated 10 months ago
Alternatives and similar repositories for assorted
Users that are interested in assorted are comparing it to the libraries listed below
Sorting:
- Emu-strings project - JScript/VBScript automated dropper analysis system☆18Updated 4 years ago
- ☆32Updated last year
- Recover event log entries from an image by heurisitically looking for record structures.☆27Updated 9 years ago
- ☆13Updated 9 years ago
- Pure Python parser for data encoded by .NET's BinaryFormatter☆52Updated 6 years ago
- Library and tools to access the Windows Event Log (EVT) format☆60Updated last year
- Cockroach is your primitive & immortal swiss army knife.☆49Updated 3 years ago
- Automatically exported from code.google.com/p/malware-lu☆55Updated 6 years ago
- Generate MAEC XML from Ero Carrera's pefile output☆15Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- ☆43Updated 5 years ago
- Google Chrome internals analysis using Volatility☆42Updated 2 years ago
- BONOMEN - Hunt for Malware Critical Process Impersonation☆49Updated 4 years ago
- Resolves DLL API entrypoints for a process w/ remote query capabilities.☆55Updated 8 years ago
- a collection of yara rules for binary analysis☆24Updated 8 years ago
- Public documents about bachelor thesis "Reverse Engineering Analysis of the NDIS 6.* stack"☆41Updated 9 years ago
- A python script that can be used to scan data within in an IDB using Yara.☆23Updated 6 years ago
- Print the strings of encoded printable characters in files☆12Updated 10 years ago
- Extract GUIDs from .NET assemblies☆21Updated 9 years ago
- simple plugin to detect shellcode on Bro IDS with Unicorn☆33Updated 8 years ago
- tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net☆33Updated last year
- LPE exploits for Secret Net and Secret Net Studio☆51Updated 9 years ago
- Carve files for MFT entries (eg. blkls output or memory dumps). Recovers filenames (long & short), timestamps ($STD & $FN) and data if re…☆21Updated 6 years ago
- Volatility memory forensics plugin for extracting Windows DNS Cache☆29Updated 8 years ago
- Imports MSDN documentation into IDA Pro☆51Updated 13 years ago
- A Python parser for Rich Headers☆15Updated 10 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆18Updated last year
- NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl☆37Updated 9 years ago
- QEMU with rVMI extensions☆25Updated 8 years ago
- MALM: Malware Monitor☆50Updated 12 years ago