nmantani / archiver-MOTW-support-comparison

Related projects ⓘ

Alternatives and complementary repositories for archiver-MOTW-support-comparison

• jsecurity101 / ETWInspector
  ☆153Updated 5 months ago
• markuta / bw-dump
  A proof-of-concept for (CVE-2023-38840) that extracts plaintext master passwords from a locked Bitwarden vault.
  ☆38Updated 8 months ago
• mattifestation / AntimalwareBlight
  Execute PowerShell code at the antimalware-light protection level.
  ☆137Updated last year
• jsecurity101 / JonMon
  ☆173Updated 3 months ago
• elastic / Silhouette
  Keep it secret, keep it safe
  ☆75Updated last year
• Wh1t3Rh1n0 / PECheck
  A tool to verify and create PE Checksums for Portable Executable (PE) files.
  ☆50Updated last year
• SafeBreach-Labs / aikido_wiper
  ☆64Updated last year
• bohops / RogueAssemblyHunter
  Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.
  ☆115Updated 2 years ago
• moaistory / WinSearchDBAnalyzer
  http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html
  ☆118Updated 3 months ago
• CCob / Shwmae
  ☆130Updated last month
• sensepost / mydumbedr
  ☆104Updated 9 months ago
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆107Updated last year
• Mr-Un1k0d3r / WindowsDllsExport
  A list of all the DLLs export in C:\windows\system32\
  ☆211Updated 2 years ago
• almandin / ntdsdotsqlite
  A small utility to translate NTDS.dit files to SQLite format.
  ☆62Updated last year
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆71Updated 2 months ago
• CCob / DGPOEdit
  Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines
  ☆144Updated 2 months ago
• jsecurity101 / TelemetrySource
  ☆222Updated 6 months ago
• gtworek / VolatileDataCollector
  ☆187Updated last week
• Immersive-Labs-Sec / msrc-api
  A collection of tools to interact with Microsoft Security Response Center API
  ☆95Updated 10 months ago
• manyfacedllama / amsi-tracer
  Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …
  ☆89Updated 3 years ago
• dr4k0nia / tooling-playground
  A collection of small scripts and tools for deobfuscation and malware analysis.
  ☆65Updated last year
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆67Updated 8 months ago
• kacos2000 / WinEDB
  Windows.EDB Browser
  ☆54Updated last year
• 1njected / CMLoot
  Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares
  ☆156Updated last year
• deepinstinct / NoFilter
  ☆293Updated 2 weeks ago
• Octoberfest7 / BeatRev
  POC for frustrating/defeating Malware Analysts
  ☆150Updated 2 years ago
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆78Updated 10 months ago
• nccgroup / DetectWindowsCopyOnWriteForAPI
  Enumerate various traits from Windows processes as an aid to threat hunting
  ☆183Updated 2 years ago
• evild3ad / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆219Updated 8 months ago
• FourCoreLabs / LolDriverScan
  Scan vulnerable drivers on Windows with loldrivers.io
  ☆162Updated last year