limbenjamin / nTimetoolsLinks
Timestomper and Timestamp checker with nanosecond accuracy for NTFS volumes
☆50Updated 3 years ago
Alternatives and similar repositories for nTimetools
Users that are interested in nTimetools are comparing it to the libraries listed below
Sorting:
- ☆34Updated 2 years ago
- A scanner that files with compromised or untrusted code signing certificates written in python.☆65Updated last year
- ☆57Updated 10 months ago
- ☆93Updated 3 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- My Malware Analysis Reports☆22Updated 3 years ago
- Repository for LNK stuff☆31Updated 3 years ago
- Yara Rules for Modern Malware☆79Updated last year
- Unpacking and decryption tools for the Emotet malware☆45Updated 3 years ago
- Triaging Windows event logs based on SANS Poster☆39Updated 2 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆64Updated 3 years ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated 2 years ago
- ☆45Updated last year
- Finding secrets in kernel and user memory☆116Updated last year
- The repository accompanying the Buer Emulation workshop☆24Updated 4 years ago
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆39Updated 3 years ago
- Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…☆42Updated 11 months ago
- AdHoc solutions☆48Updated 2 years ago
- Quickly search for references to a GUID in DLLs, EXEs, and drivers☆75Updated 3 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Updated 3 years ago
- Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.☆50Updated last year
- ProcDot Malware Sandbox☆24Updated last month
- Dumping credentials through windbg and pykd☆41Updated last year
- Manipulate timestamps on NTFS☆52Updated 10 years ago
- Python wrappers for mal_unpack☆36Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆97Updated 2 years ago
- Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk☆46Updated 3 years ago
- Identifies metadata of .NET binary files.☆21Updated last year
- Reverse Engineering and Debugging Malware☆32Updated 2 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆44Updated 4 years ago