mandiant / VM-Packages

Related projects ⓘ

Alternatives and complementary repositories for VM-Packages

• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆176Updated last year
• RussianPanda95 / Yara-Rules
  Repository of Yara Rules
  ☆88Updated last month
• SentineLabs / SentinelLabs_RevCore_Tools
  The Windows Malware Analysis Reversing Core Tools
  ☆89Updated 3 years ago
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆107Updated last year
• 100DaysofYARA / 2024
  Rules shared by the community from 100 Days of YARA 2024
  ☆78Updated 7 months ago
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆94Updated last year
• gtworek / VolatileDataCollector
  ☆187Updated 3 weeks ago
• evild3ad / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆220Updated 8 months ago
• archcloudlabs / HackSpaceCon_Malware_Analysis_Course
  Free training course offered at Hack Space Con 2023
  ☆132Updated last year
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆113Updated 4 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆148Updated 6 months ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated last year
• LOLESXi-Project / LOLESXi
  LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…
  ☆105Updated last month
• mttaggart / blue-jupyter
  Jupyter Notebooks for the Blue Team
  ☆141Updated last year
• Neo23x0 / YARA-Style-Guide
  A specification and style guide for YARA rules
  ☆37Updated 9 months ago
• nikhilh-20 / ELFEN
  ELFEN: Automated Linux Malware Analysis Sandbox
  ☆117Updated 4 months ago
• knez / defender-dump
  Dump quarantined files from Windows Defender
  ☆56Updated 2 years ago
• jsecurity101 / JonMon
  ☆173Updated 3 months ago
• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆75Updated 3 years ago
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆150Updated last year
• dodo-sec / Malware-Analysis
  ☆130Updated last year
• jsecurity101 / TelemetrySource
  ☆222Updated 6 months ago
• Malandrone / PowerDecode
  PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…
  ☆161Updated 6 months ago
• IppSec / PowerSiem
  ☆114Updated 7 months ago
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆63Updated last year
• Ahmed-AL-Maghraby / Windows-Registry-Analysis-Cheat-Sheet
  ☆147Updated last year
• mandiant / gootloader
  Collection of scripts used to deobfuscate GOOTLOADER malware samples.
  ☆56Updated last week
• secure-cake / win-mal-investigations
  Windows Malware Investigation Scripts & Docs
  ☆75Updated last week
• adanalvarez / AWS-malware-lab
  Creation of a laboratory for malware analysis in AWS
  ☆85Updated last year
• elastic / labs-releases
  Elastic Security Labs releases
  ☆52Updated 3 weeks ago