Collection of scripts used to deobfuscate GOOTLOADER malware samples.
☆77Dec 29, 2025Updated 2 months ago
Alternatives and similar repositories for gootloader
Users that are interested in gootloader are comparing it to the libraries listed below
Sorting:
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…☆38Nov 16, 2023Updated 2 years ago
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV☆18Sep 3, 2024Updated last year
- Powershell sandboxing utility☆20Feb 2, 2026Updated last month
- Python script for parsing ESET (NOD32) virlog.dat file.☆14Sep 28, 2017Updated 8 years ago
- ADSI based SA tool☆17Apr 9, 2022Updated 3 years ago
- Packer and vagrant scripts to automate building Windows and Linux machines on vCenter☆17Jul 7, 2019Updated 6 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- Items related to the RedELK workshop given at security conferences☆29Sep 28, 2023Updated 2 years ago
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- A step-by-step walkthrough of how to write a Client and a Driver to communicate with each other and boost the priority of a thread.☆17Dec 12, 2023Updated 2 years ago
- Volatility 3 plugins to extract a module as complete as possible☆12Jun 13, 2023Updated 2 years ago
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.☆29Sep 29, 2025Updated 5 months ago
- my MSTICpy practice and custom tools repository☆11Apr 23, 2025Updated 10 months ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- Attacking and defending web and VPN session hijacking in Pulse Secure Connect☆14Oct 24, 2019Updated 6 years ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Dec 11, 2023Updated 2 years ago
- ☆11Jun 12, 2023Updated 2 years ago
- WMI SA stuffs☆30Apr 18, 2022Updated 3 years ago
- Automatically exported from code.google.com/p/mac-osx-forensics☆28Jan 12, 2016Updated 10 years ago
- Sechead is a powerful security tool developed in Python that allows users to audit the security headers of any website. With Sechead, use…☆13May 22, 2023Updated 2 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- A collection of tools and detections for the Sliver C2 Frameworj☆132Apr 24, 2023Updated 2 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …☆13Sep 27, 2022Updated 3 years ago
- A PowerShell script to parse the docx/docm file format and update the template location.☆17Oct 15, 2019Updated 6 years ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆101Aug 15, 2025Updated 6 months ago
- A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup☆38Sep 14, 2023Updated 2 years ago
- ☆309Aug 14, 2020Updated 5 years ago
- Corporative registry worldwide catalog. 63 countries☆16Jun 24, 2022Updated 3 years ago
- A simple Toolkit to BF and decrypt Windows EntraId CacheData☆20Jun 20, 2024Updated last year
- Config files for my GitHub profile.☆14May 7, 2023Updated 2 years ago
- Parser for Windows Scheduled Task files.☆13Apr 26, 2023Updated 2 years ago
- Scripts to automate standing up C2 infra with firewall settings inside of DigitalOcean.☆18Feb 5, 2021Updated 5 years ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆107Nov 23, 2022Updated 3 years ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Sep 14, 2023Updated 2 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- Preact wrapper for chartjs2☆16Jan 21, 2022Updated 4 years ago