strayge / pylnk

Related projects ⓘ

Alternatives and complementary repositories for pylnk

• Matmaus / LnkParse3
  Windows Shortcut file (LNK) parser
  ☆71Updated 6 months ago
• DissectMalware / pyxlsb2
  an Excel 2007+ Binary Workbook (xlsb) parser for Python
  ☆19Updated 2 years ago
• wietze / windows-dll-env-hijacking
  Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.
  ☆56Updated 2 years ago
• ufrisk / MemProcFS-plugins
  ☆55Updated last month
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆26Updated 2 months ago
• woanware / etw-event-dumper
  ☆31Updated 2 years ago
• mgeeky / msidump
  MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.
  ☆194Updated last year
• JPCERTCC / Lazarus-research
  Lazarus analysis tools and research report
  ☆55Updated 11 months ago
• fox-it / dissect.esedb
  A Dissect module implementing a parser for Microsofts Extensible Storage Engine Database (ESEDB), used for example in Active Directory, E…
  ☆18Updated 4 months ago
• libyal / winreg-kb
  Windows Registry Knowledge Base
  ☆162Updated last month
• airbus-cert / vbSparkle
  VBScript & VBA source-to-source deobfuscator with partial-evaluation
  ☆73Updated 3 months ago
• skelsec / aardwolfgui
  Asynchronous RDP/VNC client for Python (GUI)
  ☆66Updated 2 months ago
• DidierStevens / AdHoc
  AdHoc solutions
  ☆48Updated last year
• volatilityfoundation / community3
  Volatility3 plugins developed and maintained by the community
  ☆45Updated last year
• trustedsec / tscopy
  ☆91Updated 2 years ago
• nmantani / archiver-MOTW-support-comparison
  ☆169Updated 2 months ago
• TheEnergyStory / malware_analysis_tools
  Tools helpful for malware analysis
  ☆22Updated 3 months ago
• jborean93 / dpapi-ng
  Python DPAPI NG Decryptor for non-Windows Platforms
  ☆56Updated last year
• mandiant / SSSDKCMExtractor
  ☆53Updated last year
• fox-it / dissect.cobaltstrike
  Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles
  ☆147Updated last month
• volexity / donut-decryptor
  Retrieve inner payloads from Donut samples
  ☆81Updated 9 months ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated last year
• 0xThiebaut / PCAPeek
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆25Updated last year
• nasbench / procmon-malware-analysis-filters
  Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool
  ☆13Updated 4 years ago
• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆18Updated last month
• edygert / runsc
  runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…
  ☆36Updated last year
• usdAG / SharpLink
  Create file system symbolic links from low privileged user accounts within PowerShell
  ☆90Updated 2 years ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• naksyn / talks
  Repo containing my public talks
  ☆22Updated last year
• usualsuspect / yara_vt_mock
  Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing
  ☆21Updated last year