Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool
☆21Oct 2, 2020Updated 5 years ago
Alternatives and similar repositories for procmon-malware-analysis-filters
Users that are interested in procmon-malware-analysis-filters are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Script to parse Process Monitor XML log file, and give you a summary report.☆24May 4, 2016Updated 10 years ago
- In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…☆12May 25, 2016Updated 10 years ago
- Vagrant Files to create a Virtualbox VM for Malware Analysis☆13Jun 1, 2021Updated 5 years ago
- ☆23Jun 1, 2022Updated 4 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆29Aug 6, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆18Oct 13, 2025Updated 8 months ago
- Framework for Man-In-The-Middle attacks☆15Feb 19, 2018Updated 8 years ago
- ☆24Apr 22, 2025Updated last year
- An IDA plugin to deobfuscate Pikabot's strings using RC4 and AES☆13Apr 8, 2024Updated 2 years ago
- Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!☆53Jan 9, 2026Updated 5 months ago
- Simple DuckyScript to Arduino converter☆14Jan 14, 2019Updated 7 years ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆55Jan 28, 2026Updated 5 months ago
- IDA plugin for YARA signature creation☆22Nov 30, 2025Updated 7 months ago
- Yara filetype plugin for Vim.☆14Feb 18, 2021Updated 5 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Scans the filesystem for directories that are user-writeable☆13Jun 21, 2021Updated 5 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆83Apr 29, 2026Updated 2 months ago
- ☆33Feb 26, 2022Updated 4 years ago
- WISKESS automates the Windows evidence processing for Incident Response investigations. Rust version.☆17Jun 27, 2026Updated last week
- Indicators of compromise from to analysis and research by Nextron Threat Research team☆12Jun 2, 2026Updated last month
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆23Jan 31, 2024Updated 2 years ago
- ☆11Feb 14, 2025Updated last year
- ☆15Sep 24, 2024Updated last year
- PEiD like python script☆10Mar 5, 2017Updated 9 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.☆37Sep 19, 2017Updated 8 years ago
- This repo contains miscellaneous tools to aid in your malware analysis.☆13Mar 2, 2021Updated 5 years ago
- Various code samples and useful tips and tricks from reverse engineering and malware analysis fields.☆106Jun 11, 2025Updated last year
- SQL, IIS, Oh My...☆22Feb 24, 2025Updated last year
- A simple utility to list all methods of a given .NET Assembly and to invoke them☆73Sep 21, 2021Updated 4 years ago
- Official Website Of The Sigma Project☆23Jun 16, 2026Updated 2 weeks ago
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …☆33Nov 2, 2020Updated 5 years ago
- A simple example application to collect DNS queries logs using etw-api☆29May 11, 2020Updated 6 years ago
- A library to parse macOS FsEvents☆25Aug 28, 2022Updated 3 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- ☆15Apr 8, 2023Updated 3 years ago
- a tiny program to consume from ETW providers for research☆55Jan 4, 2025Updated last year
- ☆15Oct 25, 2022Updated 3 years ago
- Carbon Black Response IR tool☆56Dec 10, 2020Updated 5 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆92Mar 11, 2026Updated 3 months ago
- An Android controlled bluetooth rubber duck - see my hackaday.io project for instructions to make your own for less than $10☆24Jan 2, 2018Updated 8 years ago
- A simple tool designed to create Atomic Red Team tests with ease.☆65May 3, 2026Updated 2 months ago