robwillisinfo / Invoke-Decoder
Invoke-Decoder – A PowerShell script to decode/deobfuscate malware samples
☆19Updated 4 years ago
Alternatives and similar repositories for Invoke-Decoder:
Users that are interested in Invoke-Decoder are comparing it to the libraries listed below
- ProcDot Malware Sandbox☆22Updated 4 months ago
- Tweettioc Splunk App☆20Updated 4 years ago
- ☆12Updated 3 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated last year
- ☆22Updated last year
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆36Updated 5 years ago
- Log converter from CS log to Ghostwriter CSV☆28Updated 4 years ago
- A cross platform tool for verifying credentials and executing single commands☆32Updated 5 years ago
- This is a repository for the public blog with Labs indicators of compromise.☆10Updated 5 years ago
- Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation☆16Updated 6 years ago
- AppXSVC Service race condition - privilege escalation☆27Updated 5 years ago
- Spin up a reverse proxy quickly on Heroku☆13Updated 4 years ago
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…☆20Updated 2 years ago
- Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019☆59Updated 3 years ago
- Simple C2 over the Trello API☆38Updated 2 years ago
- POC code to crash Windows Event Logger Service☆26Updated 4 years ago
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials☆20Updated 4 years ago
- Some simple scripts for decrypting passwords retrieved from a Manage Engine OpManager installation☆11Updated 9 years ago
- Windows GUI/Execution Engine for Atomic Red Team Atomics☆34Updated 4 years ago
- ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Ima…☆39Updated last year
- D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit☆29Updated 4 months ago
- Convert Empire profiles to Apache mod_rewrite scripts☆27Updated 5 years ago
- A tool to create COM class/interface relationships in neo4j☆48Updated 2 years ago
- Tool to manage user privileges☆28Updated 5 years ago
- Experiments on the Windows Internals☆30Updated 5 years ago
- I used this to see if an EDR is running in Safe Mode☆36Updated 4 years ago
- A Canary which fires when uninstalled☆34Updated 4 years ago