sebmarchand / pyetwLinks
☆13Updated 9 years ago
Alternatives and similar repositories for pyetw
Users that are interested in pyetw are comparing it to the libraries listed below
Sorting:
- ☆13Updated 4 years ago
- Server for receiving autorun data from the clients☆13Updated 7 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆31Updated 4 years ago
- API functions for Malware Research☆35Updated 5 years ago
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Updated 8 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆18Updated 3 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- Plugins for the Viper Framework☆14Updated 5 years ago
- Linux-KVM with rVMI extensions☆22Updated 7 years ago
- POC for IAT Parsing Payloads☆48Updated 8 years ago
- Yara filetype plugin for Vim.☆14Updated 4 years ago
- Volatility memory forensics plugin for extracting Windows DNS Cache☆29Updated 8 years ago
- A tool to generate yara signatures from function blocks☆19Updated 10 years ago
- Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"☆27Updated 5 years ago
- Extract GUIDs from .NET assemblies☆21Updated 8 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- pure Python binary analysis framework☆23Updated 6 years ago
- Generate MAEC XML from Ero Carrera's pefile output☆15Updated 8 years ago
- Analysis PE file or Shellcode☆49Updated 8 years ago
- Rekall Forensics and Incident Response Framework with rVMI extensions☆33Updated 4 years ago
- Emu-strings project - JScript/VBScript automated dropper analysis system☆18Updated 4 years ago
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- ☆47Updated 5 years ago
- Handy scripts to speed up malware analysis☆35Updated last year
- A collection of Volatility Framework plugins.☆26Updated 11 years ago
- Print the strings of encoded printable characters in files☆12Updated 9 years ago
- Experimental: Windows .text section compare - disk versus memory☆14Updated 10 years ago
- Network detector for Winnti malware☆20Updated 7 years ago
- QEMU with rVMI extensions☆25Updated 7 years ago
- ☆32Updated 11 months ago