Invoke-Decoder – A PowerShell script to decode/deobfuscate malware samples
☆18 · Aug 2, 2020 · Updated 5 years ago
Alternatives and similar repositories for Invoke-Decoder
Users that are interested in Invoke-Decoder are comparing it to the libraries listed below
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S… ☆13 · May 20, 2023 · Updated 2 years ago
- Using Undocumented NTDLL Functions to Read/Write/Delete File ☆18 · Jan 25, 2021 · Updated 5 years ago
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop ☆40 · Oct 6, 2021 · Updated 4 years ago
- Process injection via KernelCallbackTable ☆13 · Jan 28, 2022 · Updated 4 years ago
- ☆14 · Oct 5, 2019 · Updated 6 years ago
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation ☆10 · Apr 16, 2022 · Updated 3 years ago
- Malware development: persistence - part 1: startup folder registry keys. C++ implementation ☆12 · Apr 21, 2022 · Updated 3 years ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on. ☆11 · May 17, 2024 · Updated last year
- Malware persistence via COM DLL hijacking. C++ implementation example ☆13 · May 2, 2022 · Updated 3 years ago
- Zac's assorted config files ☆10 · Jan 11, 2017 · Updated 9 years ago
- C++ Host .NET CLR & Run an assembly directly from resource (RT_RCDATA) without extraction to disk. ☆15 · Mar 18, 2023 · Updated 3 years ago
- Find kernel32 base and API addresses. Simple C++ implementation ☆23 · Apr 7, 2022 · Updated 3 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory. ☆17 · Sep 29, 2018 · Updated 7 years ago
- Malware analysis tool based on taint analysis. ☆14 · Jan 29, 2022 · Updated 4 years ago
- A platform independent C++ code obfuscator. ☆13 · Jul 20, 2019 · Updated 6 years ago
- Malware analyses and helpful scripts ☆29 · May 26, 2022 · Updated 3 years ago
- ☆14 · Nov 12, 2021 · Updated 4 years ago
- HTTP/HTTPS/DNS inspector (windows driver) ☆27 · Feb 20, 2019 · Updated 7 years ago
- Kernel mode windows NT API logger ☆22 · Sep 9, 2019 · Updated 6 years ago
- Download any files directly to the google drive. It uses Google colab to download files. ☆12 · May 27, 2020 · Updated 5 years ago
- A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, t… ☆12 · Nov 23, 2022 · Updated 3 years ago
- WORK IN PROGRESS. RAT written in C++ using Win32 API ☆19 · Sep 12, 2019 · Updated 6 years ago
- An ntdll.h header file downloaded from the network, with all the problems I found fixed. ☆34 · Dec 31, 2024 · Updated last year
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data ☆39 · Mar 23, 2020 · Updated 5 years ago
- Babel-Shellfish deobfuscates and scans PowerShell scripts in real time right before each line execution. ☆43 · Nov 10, 2018 · Updated 7 years ago
- Encrypted Shellcode Loader Generator ☆22 · Jan 29, 2019 · Updated 7 years ago
- An Integrity-Check Monitoring Pintool ☆58 · Nov 2, 2020 · Updated 5 years ago
- A curated list of awesome threat detection and hunting resources ☆16 · Sep 12, 2018 · Updated 7 years ago
- Rootkit. Process monitoring. ☆11 · Jul 19, 2016 · Updated 9 years ago
- ☆16 · Apr 16, 2015 · Updated 10 years ago
- Automate Windows Defender STIG to 100% Compliance ☆19 · Jul 26, 2024 · Updated last year
- Powershell Network Scanner ☆38 · Jan 20, 2020 · Updated 6 years ago
- ☆13 · Jan 12, 2018 · Updated 8 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling ☆32 · Aug 7, 2019 · Updated 6 years ago
- Penetration Testing Tool for Windows 7 => 10 ☆14 · Sep 19, 2018 · Updated 7 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts ☆435 · Feb 4, 2021 · Updated 5 years ago
- Creating a ransomware in a minute ☆30 · Apr 25, 2023 · Updated 2 years ago
- ☆11 · Jul 26, 2022 · Updated 3 years ago
- Microsoft Teams Powershell Scripts ☆14 · Mar 14, 2023 · Updated 3 years ago