zbetcheckin / PDF_analysis
Several PDF analyses reassembled with additional tips and tools
☆324 Updated last year
Alternatives and similar repositories for PDF_analysis:
Users that are interested in PDF_analysis are comparing it to the libraries listed below
- An open source script to perform malware static analysis on Portable Executable ☆312 Updated last year
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents. ☆279 Updated 3 years ago
- YARA malware query accelerator (web frontend) ☆422 Updated 2 weeks ago
- Set of Yara rules for finding files using magics headers ☆137 Updated 4 years ago
- Sandbox for semi-automatic JavaScript malware analysis, deobfuscation and payload extraction. Written for Node.js ☆466 Updated last year
- Tool to help analyze PDF files ☆185 Updated 10 years ago
- For all these times you're asking yourself "what is this panel again?" ☆254 Updated last year
- Pattern Extractor for Obfuscated Code ☆297 Updated 3 years ago
- A malware analysis and classification tool. ☆190 Updated 3 years ago
- 16,432 Free Yara rules created by ☆383 Updated 5 years ago
- An AFF4 C++ implementation. ☆198 Updated 2 years ago
- FCL (Fileless Command Lines) - Known command lines of fileless malicious executions ☆466 Updated 3 years ago
- Collection of forensics artifacts location for Mac OS X and iOS ☆328 Updated 3 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research ☆260 Updated 6 years ago
- ☆443 Updated 4 months ago
- Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain na… ☆135 Updated 5 years ago
- An NTFS/FAT parser for digital forensics & incident response ☆200 Updated 4 months ago
- Scripts to analyze stuff ☆146 Updated last week
- A modern Python-3-based alternative to RegRipper ☆193 Updated this week
- Collaborative malware analysis framework ☆375 Updated 6 years ago
- Regipy is an OS-independent Python library for parsing offline registry hives ☆254 Updated 3 months ago
- Awesome VirusTotal Intelligence Search Queries ☆332 Updated last year
- A VBA parser and emulation engine to analyze malicious macros. ☆95 Updated last month
- ☆275 Updated last year
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect … ☆133 Updated 2 years ago
- unXOR will search a XORed file and try to guess the key using known-plaintext attacks. ☆142 Updated 4 years ago
- Autoruns plugin for the Volatility framework ☆121 Updated 5 years ago
- Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant ☆235 Updated last year
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images. ☆192 Updated 3 weeks ago
- Allows you to quickly query a Windows machine for RAM artifacts ☆220 Updated 4 years ago