GitHub - MichalSoltysikSOC/Malware-analysis-and-detection-tools: Simple and typical Blue Team malware analysis and detection tools from Michał Sołtysik - e.g. perfect to catch a keylogger exfiltrating data and deleting its traces

Author: Michał Sołtysik

Cybersecurity Analyst & Consultant | Deep Packet Inspection Analyst | Digital Forensics Examiner | SOC Trainer | CyberWarfare Organizer

LinkedIn: https://www.linkedin.com/in/michal-soltysik-ssh-soc/

Accredible: https://www.credential.net/profile/michalsoltysik/wallet

Email: mikewavepoland@gmail.com

Written in PowerShell (built on top of the .NET Framework and .NET Core).

Compiled to .exe executable files with the MZ file header.

License: Free for personal and commercial use.

Overall summary:

Each script individually performs one of the following functions: (1) continuously monitors a specified file for changes and copies it to the user's desktop when modifications occur; (2) monitors a specified directory for changes and copies its contents to another directory continuously; and (3) monitors a specified directory for file system changes, logging them, and providing real-time notifications.

Tool name: FileCatcherBeforeRemoval.exe

Purpose: This script continuously monitors a specified file for changes and copies it to the user's desktop when modifications occur.

Tool name: DirectoryCatcherBeforeRemoval.exe

Purpose: This script is designed to monitor a specified directory for changes and copy its contents to another directory continuously.

Tool name: FileWatcher.exe

Purpose: The script monitors a specified directory for file system changes, logging them and providing real-time notifications.

Tool name: FileWatcherWithExactTimestamps.exe

Purpose: FileWatcherWithExactTimestamps is an updated version of FileWatcher that provides exact timestamps in milliseconds, unlike FileWatcher, which provides timestamps in seconds.

Name		Name	Last commit message	Last commit date
Latest commit History 35 Commits
log-examples		log-examples
screenshots		screenshots
DirectoryCatcherBeforeRemoval.exe		DirectoryCatcherBeforeRemoval.exe
DirectoryCatcherBeforeRemoval.zip		DirectoryCatcherBeforeRemoval.zip
DirectoryCatcherBeforeRemoval_READ_ME_EN.txt		DirectoryCatcherBeforeRemoval_READ_ME_EN.txt
DirectoryCatcherBeforeRemoval_READ_ME_PL.txt		DirectoryCatcherBeforeRemoval_READ_ME_PL.txt
FileCatcherBeforeRemoval.exe		FileCatcherBeforeRemoval.exe
FileCatcherBeforeRemoval.zip		FileCatcherBeforeRemoval.zip
FileCatcherBeforeRemoval_READ_ME_EN.txt		FileCatcherBeforeRemoval_READ_ME_EN.txt
FileCatcherBeforeRemoval_READ_ME_PL.txt		FileCatcherBeforeRemoval_READ_ME_PL.txt
FileWatcher.exe		FileWatcher.exe
FileWatcher.zip		FileWatcher.zip
FileWatcherWithExactTimestamps.exe		FileWatcherWithExactTimestamps.exe
FileWatcherWithExactTimestamps.zip		FileWatcherWithExactTimestamps.zip
FileWatcherWithExactTimestamps_READ_ME_EN.txt		FileWatcherWithExactTimestamps_READ_ME_EN.txt
FileWatcherWithExactTimestamps_READ_ME_PL.txt		FileWatcherWithExactTimestamps_READ_ME_PL.txt
FileWatcher_READ_ME_EN.txt		FileWatcher_READ_ME_EN.txt
FileWatcher_READ_ME_PL.txt		FileWatcher_READ_ME_PL.txt
README.md		README.md

MichalSoltysikSOC/Malware-analysis-and-detection-tools

Folders and files

Latest commit

History

Repository files navigation

About

Topics

Resources

Stars

Watchers

Forks