mandiant / VM-Packages
Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
☆184, updated last week
Alternatives and similar repositories for VM-Packages
Users that are interested in VM-Packages are comparing it to the libraries listed below
- A ProcessMonitor visualization application written in Rust. ☆181, updated last year
- The Windows Malware Analysis Reversing Core Tools. ☆95, updated 4 years ago
- Repository of YARA rules. ☆111, updated 2 months ago
- A C#-based tool for analysing malicious OneNote documents. ☆114, updated 2 years ago
- Rules shared by the community from 100 Days of YARA 2024. ☆85, updated 5 months ago
- PowerDecode is a PowerShell-based tool that deobfuscates PowerShell scripts obfuscated across multiple layers. The tool performs… ☆193, updated last year
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆165, updated 2 months ago
- Jupyter Notebooks for the Blue Team. ☆144, updated 3 months ago
- A collection of tools, scripts and personal research. ☆131, updated 2 months ago
- A Python script developed to process Windows memory images based on triage type. ☆262, updated last year
- MAL-CL (Malicious Command-Line). ☆313, updated 2 years ago
- Free training course offered at Hack Space Con 2023. ☆138, updated 2 years ago
- File analysis and management framework. ☆85, updated last year
- Collect-MemoryDump - Automated creation of Windows memory snapshots for DFIR. ☆240, updated 2 months ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams and binary data, and incorporates a YARA scanner. ☆213, updated 2 years ago
- A Jupyter notebook to assist with the analysis of the output generated by the Volatility memory extraction framework. ☆95, updated 2 years ago
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts. ☆114, updated last year
- Dump quarantined files from Windows Defender. ☆64, updated 3 years ago
- Python tool to check for rootkits in the Windows kernel. ☆197, updated 3 months ago
- Active C&C Detector. ☆154, updated last year
- A Cobalt Strike scanner that retrieves detected Team Server beacons into a JSON object. ☆167, updated 2 years ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆151, updated 9 months ago
- Rules shared by the community from 100 Days of YARA 2023. ☆77, updated 2 years ago