struppigel / PortexAnalyzerGUI
Graphical interface for PortEx, a Portable Executable and Malware Analysis Library
☆129Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for PortexAnalyzerGUI
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆193Updated last year
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆124Updated 3 months ago
- Finding secrets in kernel and user memory☆113Updated last year
- A ProcessMonitor visualization application written in rust.☆176Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated last year
- ☆109Updated this week
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆109Updated 4 months ago
- A command line Windows API tracing tool for Golang binaries.☆148Updated 11 months ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆113Updated last year
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆73Updated 3 months ago
- Repository to publish your evasion techniques and contribute to the project☆134Updated 3 weeks ago
- Use YARA rules on Time Travel Debugging traces☆85Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆219Updated 8 months ago
- A small util to brute-force prefetch hashes☆73Updated 2 years ago
- ☆153Updated 5 months ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm …☆99Updated last year
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows☆197Updated 2 years ago
- A collection of small scripts and tools for deobfuscation and malware analysis.☆65Updated last year
- Python tool to check rootkits in Windows kernel☆165Updated 3 months ago
- Repository of Yara Rules☆88Updated 3 weeks ago
- A collection of tools and detections for the Sliver C2 Frameworj☆109Updated last year
- Various code samples and useful tips and tricks from reverse engineering and malware analysis fields.☆98Updated last year
- Enumerate various traits from Windows processes as an aid to threat hunting☆183Updated 2 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆146Updated 3 weeks ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆89Updated 3 years ago
- Windows symbol tables for Volatility 3☆72Updated 4 months ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…☆343Updated last week
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆124Updated 11 months ago
- ETW based POC to identify direct and indirect syscalls☆173Updated last year