robwillisinfo / Invoke-Decoder
Invoke-Decoder – A PowerShell script to decode/deobfuscate malware samples
☆19Updated 4 years ago
Alternatives and similar repositories for Invoke-Decoder:
Users that are interested in Invoke-Decoder are comparing it to the libraries listed below
- ☆17Updated 5 years ago
- ☆12Updated 3 years ago
- Automation Capable Multi Search 64 Bit Windows Memory Scanner☆28Updated 4 years ago
- ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Ima…☆39Updated last year
- Spin up a reverse proxy quickly on Heroku☆14Updated 4 years ago
- Create COM Objects backed by Scripts, not DLLs☆9Updated 7 years ago
- ☆14Updated last month
- RemotePSpy provides live monitoring of remote PowerShell sessions, which is particularly useful for older (pre-5.0) versions of PowerShel…☆18Updated 5 years ago
- Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals☆14Updated 4 years ago
- A not-at-all-ordered compilation of random security-related powershell scripts :-)☆12Updated 3 years ago
- Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials☆20Updated 4 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.☆23Updated 4 years ago
- Collection of Jupyter notebooks☆13Updated 4 years ago
- Windows GUI/Execution Engine for Atomic Red Team Atomics☆34Updated 4 years ago
- Silent Cleanup UAC Bypass POC☆11Updated 5 years ago
- Triaging Windows event logs based on SANS Poster☆39Updated 2 years ago
- Tweettioc Splunk App☆20Updated 4 years ago
- A tool to create COM class/interface relationships in neo4j☆49Updated 2 years ago
- DLL hijacking vulnerability scanner and PE infector tool☆18Updated 7 years ago
- Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019☆59Updated 3 years ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique☆52Updated 6 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- ☆16Updated 3 years ago
- AppXSVC Service race condition - privilege escalation☆27Updated 5 years ago
- ProcDot Malware Sandbox☆24Updated 5 months ago
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated last year
- BloodHound Data Scanner☆45Updated 4 years ago
- POC code to crash Windows Event Logger Service☆26Updated 4 years ago
- Retrieve the IIS Application Pool Credentials. Relies on the WebAdministration PowerShell Module.☆14Updated 7 years ago
- A cross platform tool for verifying credentials and executing single commands☆32Updated 6 years ago