Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool
☆21Oct 2, 2020Updated 5 years ago
Alternatives and similar repositories for procmon-malware-analysis-filters
Users that are interested in procmon-malware-analysis-filters are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Script to parse Process Monitor XML log file, and give you a summary report.☆24May 4, 2016Updated 10 years ago
- MalwareAnalysis☆12Dec 19, 2020Updated 5 years ago
- Windows Event Log Knowledge Base☆33May 16, 2026Updated 3 weeks ago
- In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…☆12May 25, 2016Updated 10 years ago
- Vagrant Files to create a Virtualbox VM for Malware Analysis☆13Jun 1, 2021Updated 5 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆22Jan 5, 2025Updated last year
- ☆23Jun 1, 2022Updated 4 years ago
- SysInternals' Process Monitor filters repository - collected from various places and made up by myself. To be used for quick Behavioral a…☆71Sep 28, 2021Updated 4 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆29Aug 6, 2022Updated 3 years ago
- ☆18Oct 13, 2025Updated 8 months ago
- Framework for Man-In-The-Middle attacks☆15Feb 19, 2018Updated 8 years ago
- @davidtwco's dotfiles - managed by chezmoi!☆14Jan 16, 2026Updated 4 months ago
- ☆24Apr 22, 2025Updated last year
- An IDA plugin to deobfuscate Pikabot's strings using RC4 and AES☆13Apr 8, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!☆53Jan 9, 2026Updated 5 months ago
- Simple DuckyScript to Arduino converter☆14Jan 14, 2019Updated 7 years ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆55Jan 28, 2026Updated 4 months ago
- IDA plugin for YARA signature creation☆22Nov 30, 2025Updated 6 months ago
- Yara filetype plugin for Vim.☆14Feb 18, 2021Updated 5 years ago
- Scans the filesystem for directories that are user-writeable☆13Jun 21, 2021Updated 4 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆83Apr 29, 2026Updated last month
- ☆33Feb 26, 2022Updated 4 years ago
- A Remote Administration Tool coded in C#☆19Jul 5, 2012Updated 13 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Indicators of compromise from to analysis and research by Nextron Threat Research team☆12Jun 2, 2026Updated last week
- API hashing written in C to load APIs indirectly using CRC32 hashing☆15Jul 27, 2020Updated 5 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆23Jan 31, 2024Updated 2 years ago
- ☆11Feb 14, 2025Updated last year
- ☆15Sep 24, 2024Updated last year
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.☆37Sep 19, 2017Updated 8 years ago
- This repo contains miscellaneous tools to aid in your malware analysis.☆13Mar 2, 2021Updated 5 years ago
- Time2Vec neural network components. From paper: "Time2Vec: Learning a Vector Representation of Time" - https://arxiv.org/pdf/1907.05321.p…☆10Nov 25, 2024Updated last year
- A WIP WebAssembly decompiler, targeted at Il2CPP games☆24Sep 28, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Various code samples and useful tips and tricks from reverse engineering and malware analysis fields.☆108Jun 11, 2025Updated last year
- SQL, IIS, Oh My...☆21Feb 24, 2025Updated last year
- A simple utility to list all methods of a given .NET Assembly and to invoke them☆73Sep 21, 2021Updated 4 years ago
- Load AWS infrastructure into Neo4j Database for security and compliance analisys☆11Aug 12, 2022Updated 3 years ago
- Official Website Of The Sigma Project☆22Jun 8, 2026Updated last week
- A simple example application to collect DNS queries logs using etw-api☆29May 11, 2020Updated 6 years ago
- A library to parse macOS FsEvents☆25Aug 28, 2022Updated 3 years ago