Category: github

  • VBScrambler – A Python-Based VBScript Code Obfuscator

    VBScrambler is a Python-based VBScript code obfuscator that takes VBScript as input, either a file or inline code, and produces an obfuscated VBScript one-liner as output. The obfuscation works by taking the original VBScript, performing…

  • Windows Sandbox – Flare VM

    This config file will automatically convert a temporary Windows Sandbox environment into a Flare VM for malware analysis. Useful for standing up a “quick” flare-vm test environment on the fly. Additionally, enhanced logging telemetry is also enabled on the host.…

  • Reordered Format String Deobfuscator

    This script deobfuscates obfuscated PowerShell files or commands that use “Format String Reordering” to hide their original code. For more information on this obfuscation technique, see https://www.securonix.com/blog/hiding-the-powershell-execution-flow/ (Securonix blog). The script has the ability to deobfuscate format strings in an…

  • Enable All The Logs!

    This script automates enhancing logging telemetry on Windows hosts. It is designed specifically with threat detection in mind, where logging is critical for detections in SIEM environments, or in a lab setting for emulation, validation or malware analysis. This…

  • Invoke-XORfuscation

    Generate obfuscated PowerShell commands using XOR logic with random keys. Each variable as well as the XOR key is randomly generated. The resulting code is a PowerShell one-liner (or entire…

  • Py-BATCH-Fuscator

    Obfuscate or deobfuscate batch scripts using encoding. A set of Python scripts that uses a known method of batch script obfuscation by messing with the encoding. Simply pass in the encode/decode [-e/-d] parameter and file name ending in either .cmd…