mandiant / gootloaderLinks
Collection of scripts used to deobfuscate GOOTLOADER malware samples.
☆63Updated 8 months ago
Alternatives and similar repositories for gootloader
Users that are interested in gootloader are comparing it to the libraries listed below
Sorting:
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- Rules shared by the community from 100 Days of YARA 2024☆85Updated 7 months ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu …☆54Updated 2 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 3 months ago
- The Windows Malware Analysis Reversing Core Tools☆96Updated 4 years ago
- ☆204Updated 10 months ago
- YARA rule analyzer to improve rule quality and performance☆103Updated 4 months ago
- ☆25Updated 3 years ago
- A list of RMMs designed to be used in automation to build alerts☆112Updated 4 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago
- Active C&C Detector☆156Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆97Updated 2 years ago
- Yara Rules for Modern Malware☆79Updated last year
- JPCERT/CC public YARA rules repository☆110Updated 8 months ago
- ☆69Updated 6 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆86Updated 6 months ago
- Full of public notes and Utilities☆128Updated 6 months ago
- Rules Shared by the Community from 100 Days of YARA 2023☆78Updated 2 years ago
- Initial triage of Windows Event logs☆102Updated last year
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆155Updated 2 years ago
- Baseline a Windows System against LOLBAS☆29Updated last year
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆34Updated 3 weeks ago
- Dump quarantined files from Windows Defender☆65Updated 3 years ago
- A home for detection content developed by the delivr.to team☆70Updated 3 weeks ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆32Updated last year
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.☆166Updated 5 months ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- Repository of Yara Rules☆115Updated 4 months ago
- ☆68Updated 3 weeks ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆113Updated 3 years ago