Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
☆217 · Updated this week
Alternatives and similar repositories for VM-Packages
Users that are interested in VM-Packages are comparing it to the libraries listed below
- A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering env… ☆8,378 · Dec 23, 2025 · Updated 2 months ago
- Tricard - Malware Sandbox Fingerprinting ☆23 · Dec 11, 2023 · Updated 2 years ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs ☆694 · Updated this week
- RenameLocalVars is an IDA plugin that renames local variables to something easier to read. ☆15 · Jul 9, 2023 · Updated 2 years ago
- Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi… ☆1,300 · Jun 1, 2023 · Updated 2 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆86 · Dec 17, 2025 · Updated 2 months ago
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… ☆427 · Jan 25, 2025 · Updated last year
- Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand… ☆7,527 · Oct 16, 2025 · Updated 4 months ago
- The FLARE team's open-source tool to identify capabilities in executable files. ☆5,844 · Updated this week
- A curated list of KAPE-related resources ☆182 · May 1, 2025 · Updated 10 months ago
- Publicly shareable Windows event log message data ☆28 · Nov 29, 2019 · Updated 6 years ago
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises. ☆30 · Jan 9, 2025 · Updated last year
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. ☆3,897 · Feb 23, 2026 · Updated last week
- Distributed Nmap, wrapper around Nmap to allow distributed network enumeration. ☆20 · May 15, 2025 · Updated 9 months ago
- Anteater is a reconnaissance tool for discovering interesting files and folders in a web application that most likely has been misconfigure… ☆13 · Jun 12, 2024 · Updated last year
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. ☆12 · Aug 26, 2024 · Updated last year
- MalUnpack companion driver ☆99 · Jun 17, 2024 · Updated last year
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations. ☆341 · Dec 3, 2025 · Updated 2 months ago
- The multi-platform memory acquisition tool. ☆950 · Oct 14, 2025 · Updated 4 months ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆36 · Jul 11, 2023 · Updated 2 years ago
- Collection of various malicious functionality to aid in malware development ☆1,841 · Feb 28, 2024 · Updated 2 years ago
- Prefetch Explorer Command Line ☆283 · Jan 12, 2025 · Updated last year
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser ☆44 · Feb 21, 2026 · Updated last week
- Windows 10 Live Information viewer ☆38 · Jan 27, 2022 · Updated 4 years ago
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool ☆2,083 · Dec 9, 2025 · Updated 2 months ago
- Configuration Extractors for Malware ☆124 · Apr 23, 2025 · Updated 10 months ago
- Unicode Security Toolkit ☆21 · Feb 15, 2026 · Updated 2 weeks ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser ☆14 · Jan 9, 2023 · Updated 3 years ago
- Tools I use on red team engagements and more ☆33 · Mar 14, 2024 · Updated last year
- Documentation and scripts to properly enable Windows event logs. ☆672 · Oct 3, 2025 · Updated 4 months ago
- UnpacMe IDA Byte Search ☆29 · Nov 20, 2023 · Updated 2 years ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80 ☆21 · Apr 2, 2025 · Updated 11 months ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor. ☆214 · Feb 16, 2026 · Updated last week
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use. ☆72 · Jan 6, 2026 · Updated last month
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR ☆696 · Oct 22, 2025 · Updated 4 months ago
- High Octane Triage Analysis ☆820 · Updated this week
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,… ☆2,313 · Oct 31, 2025 · Updated 4 months ago