Bobby-Tablez's repositories
IP-Obfuscator
Hide an IP address in scripts using hex/decimal/octal conversions
VBScrambler
A Python VBScript Code Obfuscator
Enable-All-The-Logs
This script enhances endpoint logging telemetry for advanced malware threat detection, for building detections, or for malware analysis. It can be used in production; however, you may want to tune the GPO edits as needed.
Invoke-Mathfuscation
A quick command-line utility that uses simple addition to obfuscate individual characters, then executes the result
Format-String-Deobfuscator
Deobfuscates PowerShell format strings
fake_systeminfo
Generate a fake "systeminfo.exe" binary in order to hide the presence of a VM
Invoke-XORfuscation
Generate obfuscated PowerShell commands using XOR logic with random keys!
Process-Suspender
A quick PowerShell utility which launches and immediately suspends a provided process for a specified amount of time.
Heuristic-Confuser
Sandbox/Heuristic PowerShell Bypass
Py-BATCH-Fuscator
A Python script which simply obfuscates batch scripts by messing with the encoding.
Windows-Sandbox-Flare-VM
This config file will automatically convert a temporary Windows Sandbox environment into a Flare VM for malware analysis.
adaway-parsed
This repo is updated to include a clean list of advertising domains from AdAway found here: https://adaway.org/hosts.txt
Ethanol-Gasoline-Octane-Calculator
A PowerShell script which calculates the octane rating of an ethanol/gasoline mixture based on the percentage of ethanol and the octane rating of the gasoline (i.e. 91 or 93)
FT-Sysmon-Config
Sysmon configuration based on Swift on Security
Sigma-Rules
Contains sigma rules based on current threat research
EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
HijackLibs
Project for tracking publicly disclosed DLL Hijacking opportunities.
LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
sigma
Main Rule Repository
Yara-Rules
Yara-Rules