Alternatives and similar repositories for nTimetools:

Users that are interested in nTimetools are comparing it to the libraries listed below

• threatexpress / procdot_sandbox
  ProcDot Malware Sandbox
  ☆22Updated 3 months ago
• wietze / windows-dll-env-hijacking
  Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.
  ☆56Updated 2 years ago
• DidierStevens / AdHoc
  AdHoc solutions
  ☆48Updated last year
• snapattack / bpfdoor-scanner
  BPFDoor Scanner - Check for Compromised Hosts
  ☆19Updated 2 years ago
• 0xThiebaut / PCAPeek
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆25Updated last year
• NVISOsecurity / blogposts
  A repo to house files for our blogposts on blog.nviso.eu
  ☆69Updated 6 months ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆91Updated 2 years ago
• slaughterjames / excelpeek
  ☆38Updated 3 years ago
• jsecurity101 / LDAPMon
  ☆45Updated last year
• w1u0u1 / smb2os
  Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019
  ☆59Updated 3 years ago
• DissectMalware / yaradbg-frontend
  ☆38Updated last year
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆30Updated 2 years ago
• uf0o / PykDumper
  Dumping credentials through windbg and pykd
  ☆40Updated last year
• mtth-bfft / evtq
  Windows eventlog formatting, live fetching and querying utility in C
  ☆18Updated 4 years ago
• FarghlyMal / Config-Extractors
  ☆25Updated 3 months ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated 2 years ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆73Updated 11 months ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆38Updated 5 months ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 3 years ago
• mandiant / pulsesecure_exploitation_countermeasures
  ☆23Updated last year
• 0xjxd / SquirrelWaffle-From-Maldoc-to-Cobalt-Strike
  ☆11Updated 3 years ago
• ryanmrestivo / blue-team
  Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs…
  ☆34Updated last year
• daddycocoaman / volplugins
  Repository of Volatility3 plugins
  ☆21Updated last year
• panagioto / SyscallHide
  Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
  ☆74Updated 5 years ago
• usualsuspect / yara_vt_mock
  Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing
  ☆21Updated last year
• filescanio / fsCommunity
  Collection of scripts / samples / snippits around the community service at www.filescan.io
  ☆11Updated last month
• kacos2000 / Prefetch-Browser
  Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's
  ☆59Updated 2 months ago
• hasherezade / mal_unpack_py
  Python wrappers for mal_unpack
  ☆35Updated last year
• nccgroup / UninstalledAppCanary
  A Canary which fires when uninstalled
  ☆34Updated 3 years ago