nasbench/procmon-malware-analysis-filters external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

nasbench/procmon-malware-analysis-filters

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/nasbench/procmon-malware-analysis-filters)

Close

nasbench / procmon-malware-analysis-filtersView on GitHubMore

• External links
• Readme badge

Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool

☆20Oct 2, 2020Updated 5 years ago

Alternatives and similar repositories for procmon-malware-analysis-filters

Users that are interested in procmon-malware-analysis-filters are comparing it to the libraries listed below

• MotiBa / ProcessMonitorAnalyzeMalware

  View on GitHub
  Script to parse Process Monitor XML log file, and give you a summary report.
  ☆23May 4, 2016Updated 9 years ago
• alternat0r / training-basic-malware-analysis

  View on GitHub
  In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…
  ☆12May 25, 2016Updated 9 years ago
• ashubits / Malware-Analysis

  View on GitHub
  ☆11Feb 14, 2025Updated last year
• sandmaxprime / VagrantMalwareWin10VM

  View on GitHub
  Vagrant Files to create a Virtualbox VM for Malware Analysis
  ☆13Jun 1, 2021Updated 4 years ago
• DanusMinimus / API-Hash

  View on GitHub
  API hashing written in C to load APIs indirectly using CRC32 hashing
  ☆15Jul 27, 2020Updated 5 years ago
• cado-security / MalwareAnalysis

  View on GitHub
  MalwareAnalysis
  ☆12Dec 19, 2020Updated 5 years ago
• AGDCservices / Misc-Malware-Analysis-Tools

  View on GitHub
  This repo contains miscellaneous tools to aid in your malware analysis.
  ☆13Mar 2, 2021Updated 5 years ago
• mgeeky / procmon-filters

  View on GitHub
  SysInternals' Process Monitor filters repository - collected from various places and made up by myself. To be used for quick Behavioral a…
  ☆69Sep 28, 2021Updated 4 years ago
• SecurityAura / Aura-Research

  View on GitHub
  Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.
  ☆22Jan 5, 2025Updated last year
• humpalum / vscode-sigma

  View on GitHub
  ☆17Oct 13, 2025Updated 4 months ago
• asgarciap / etw-dns

  View on GitHub
  A simple example application to collect DNS queries logs using etw-api
  ☆27May 11, 2020Updated 5 years ago
• stairwell-inc / threat-research

  View on GitHub
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆23Jan 31, 2024Updated 2 years ago
• holly-hacker / WasmLib

  View on GitHub
  A WIP WebAssembly decompiler, targeted at Il2CPP games
  ☆23Sep 28, 2024Updated last year
• dhondta / AppmemDumper

  View on GitHub
  Forensics triage tool relying on Volatility and Foremost
  ☆25Dec 3, 2023Updated 2 years ago
• libyal / winevt-kb

  View on GitHub
  Windows Event Log Knowledge Base
  ☆31Dec 23, 2025Updated 2 months ago
• sisoma2 / malware_analysis

  View on GitHub
  Scripts, Yara rules and other files developed during malware investigations
  ☆27Aug 19, 2022Updated 3 years ago
• fortinet / ips-bph-framework

  View on GitHub
  BLACKPHENIX is an open source malware analysis automation framework composed of services, scripts, plug-ins, and tools and is based on a …
  ☆32May 22, 2023Updated 2 years ago
• RomaissaAdjailia / Get-AppLockerEventlog

  View on GitHub
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Aug 6, 2022Updated 3 years ago
• mlodic / ursnif_beacon_decryptor

  View on GitHub
  Ursnif beacon decryptor
  ☆27Mar 20, 2023Updated 2 years ago
• center-for-threat-informed-defense / attack-powered-suit

  View on GitHub
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆82Jun 9, 2025Updated 8 months ago
• woanware / etw-event-dumper

  View on GitHub
  ☆33Feb 26, 2022Updated 4 years ago
• hasherezade / IAT_patcher_samples

  View on GitHub
  Sample libraries to be used with IAT Patcher
  ☆37Oct 1, 2022Updated 3 years ago
• austoonz / Convert

  View on GitHub
  Convert simplifies object conversions by exposing common requirements as PowerShell functions.
  ☆38Feb 1, 2026Updated last month
• enkomio / RunDotNetDll

  View on GitHub
  A simple utility to list all methods of a given .NET Assembly and to invoke them
  ☆75Sep 21, 2021Updated 4 years ago
• kacos2000 / Win10LiveInfo

  View on GitHub
  Windows 10 Live Information viewer
  ☆38Jan 27, 2022Updated 4 years ago
• cyberphor / Soap

  View on GitHub
  A PowerShell module for incident response and threat hunting.
  ☆38May 23, 2024Updated last year
• reg1reg1 / Shellcode

  View on GitHub
  Assembly language files and Shellcode
  ☆38Jul 21, 2021Updated 4 years ago
• NextronSystems / evtx-baseline

  View on GitHub
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆86Dec 17, 2025Updated 2 months ago
• piotrcki / airgap-os

  View on GitHub
  Offline amnesic live Linux distribution
  ☆14Mar 8, 2025Updated 11 months ago
• zacbrown / PowerShellMethodAuditor

  View on GitHub
  PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
  ☆37Sep 19, 2017Updated 8 years ago
• m-chrome / py-suricataparser

  View on GitHub
  Pure python parser for Snort/Suricata rules.
  ☆34Mar 13, 2024Updated last year
• saniho / apiMareeInfo

  View on GitHub
  un sensor pour récupérer les informations des prochaines marées
  ☆12Jan 27, 2026Updated last month
• MalwareCube / SOC101_challenges

  View on GitHub
  https://academy.tcm-sec.com/
  ☆14Aug 19, 2025Updated 6 months ago
• Neo23x0 / DLLRunner

  View on GitHub
  Smart DLL execution for malware analysis in sandbox systems
  ☆144Feb 16, 2015Updated 11 years ago
• sumeshi / evtx2es

  View on GitHub
  A library for fast parse & import of Windows Eventlogs into Elasticsearch.
  ☆86Jun 23, 2025Updated 8 months ago
• RolfRolles / IDBs

  View on GitHub
  Analyses in IDA/Hex-Rays
  ☆87Apr 6, 2023Updated 2 years ago
• sk4la / volatility3-docker

  View on GitHub
  Volatility, on Docker 🐳
  ☆41Nov 20, 2025Updated 3 months ago
• Big5-sec / SourceFu

  View on GitHub
  hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…
  ☆40Aug 17, 2019Updated 6 years ago
• sipwise / libtcap

  View on GitHub
  Library for extracting fields from Sigtran TCAP/INAP messages
  ☆11Feb 17, 2026Updated 2 weeks ago