Windows Shortcut file (LNK) parser
☆137, Nov 17, 2022, updated 3 years ago
Alternatives and similar repositories for LnkParse
Users that are interested in LnkParse are comparing it to the libraries listed below
- Various config files obtained during malware analysis (☆67, Oct 31, 2018, updated 7 years ago)
- VBA Reversed TCP Meterpreter Stager (☆65, Apr 23, 2018, updated 7 years ago)
- Malware samples observed in the wild from time to time (☆12, Jul 29, 2019, updated 6 years ago)
- VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls (☆153, Mar 17, 2016, updated 10 years ago)
- Various snippets created during malware analysis (☆22, Apr 29, 2018, updated 7 years ago)
- Experiment in implementation of an instrumentation for American Fuzzy Lop using DynamoRIO (☆15, Jul 29, 2017, updated 8 years ago)
- Lazy Office Analyzer (☆121, Feb 15, 2017, updated 9 years ago)
- OfficeBrute - brute force protected word documents (☆23, Feb 4, 2018, updated 8 years ago)
- (☆229, May 10, 2018, updated 7 years ago)
- Registry to JSON. This Project is for learning purposes and is not maintained. (☆12, Dec 28, 2021, updated 4 years ago)
- A VBA p-code disassembler (☆485, Jun 12, 2021, updated 4 years ago)
- SQL scripts for querying event logs (☆21, Jul 12, 2017, updated 8 years ago)
- Carve NTFS USN records from binary data (☆27, May 21, 2017, updated 8 years ago)
- IoC's, PCRE's, YARA's etc (☆23, Mar 25, 2025, updated 11 months ago)
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps (☆269, Jun 15, 2021, updated 4 years ago)
- Automated forensics written in PowerShell (☆34, Sep 29, 2019, updated 6 years ago)
- (☆13, Nov 10, 2020, updated 5 years ago)
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe) (☆328, Mar 26, 2019, updated 6 years ago)
- Ransack Post Exploitation Tool (☆16, May 3, 2016, updated 9 years ago)
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging. (☆21, Nov 13, 2022, updated 3 years ago)
- Script which is able to decrypt data sent to AzoRult 3.3 Server (☆11, Feb 5, 2021, updated 5 years ago)
- All Zero Nights 2016 'A threat hunter himself' stuff (☆16, Nov 18, 2016, updated 9 years ago)
- YARA Language Server (☆74, Feb 3, 2026, updated last month)
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database (☆14, Nov 19, 2021, updated 4 years ago)
- A VBA parser and emulation engine to analyze malicious macros. (☆1,119, Jul 10, 2024, updated last year)
- Web interface for the Volatility Memory Forensics Framework (☆259, Nov 21, 2017, updated 8 years ago)
- Just Another broken Registry Parser (JARP) (☆16, May 23, 2024, updated last year)
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre… (☆40, Aug 17, 2019, updated 6 years ago)
- Tools for parsing Forensic images (☆41, Dec 14, 2018, updated 7 years ago)
- AWS Live Response (☆11, Sep 19, 2017, updated 8 years ago)
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing (☆55, May 18, 2019, updated 6 years ago)
- VBA Obfuscation Tools combined with an MS office document generator (☆551, Oct 15, 2017, updated 8 years ago)
- When CactusTorch meets WebDavDelivery and obfuscation (☆63, Sep 19, 2017, updated 8 years ago)
- Scripts and Modules for forensical analyses of mysql database systems (☆22, Sep 19, 2014, updated 11 years ago)
- Two Proof-Of-Concepts of SUID binary vulnerabilities on BMC Patrol allowing to elevate privileges from any linux user to root. (☆12, Jun 29, 2020, updated 5 years ago)
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. (☆37, Jul 11, 2023, updated 2 years ago)
- Python script to decode common encoded PowerShell scripts (☆217, Jun 13, 2018, updated 7 years ago)
- (☆84, May 19, 2015, updated 10 years ago)
- Simple PowerShell enumeration script to look for interesting files (☆10, Aug 26, 2019, updated 6 years ago)