sebmarchand / pyetw
☆13Updated 8 years ago
Alternatives and similar repositories for pyetw:
Users that are interested in pyetw are comparing it to the libraries listed below
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆31Updated 4 years ago
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆18Updated 3 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Updated 8 years ago
- Emu-strings project - JScript/VBScript automated dropper analysis system☆17Updated 4 years ago
- Handy scripts to speed up malware analysis☆35Updated last year
- Plugins for the Viper Framework☆14Updated 5 years ago
- ☆13Updated 4 years ago
- Yara filetype plugin for Vim.☆14Updated 4 years ago
- A Simple CLI App to mark all EXCEL sheets visible (i.e. sets "Very Hidden" and "Hidden" to "Visible")☆11Updated 4 years ago
- Crack your macros like the math pros.☆33Updated 8 years ago
- API functions for Malware Research☆35Updated 5 years ago
- QEMU with rVMI extensions☆25Updated 7 years ago
- pure Python binary analysis framework☆23Updated 6 years ago
- Server for receiving autorun data from the clients☆13Updated 7 years ago
- POC for IAT Parsing Payloads☆47Updated 8 years ago
- Carve Windows Prefetch files from arbitrary binary data☆14Updated 7 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- This repository regroups the Yara Rules for the Unprotect Project☆24Updated 4 years ago
- Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps.☆15Updated 7 years ago
- Experimental: Windows .text section compare - disk versus memory☆14Updated 10 years ago
- Linux-KVM with rVMI extensions☆22Updated 7 years ago
- ☆32Updated 9 months ago
- Command-line Interface for Binar.ly☆37Updated 8 years ago
- Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals☆14Updated 4 years ago
- A tool to generate yara signatures from function blocks☆19Updated 10 years ago
- Extract GUIDs from .NET assemblies☆21Updated 8 years ago
- Print the strings of encoded printable characters in files☆12Updated 9 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago