ViperMonkey
VBA emulator
An emulation engine designed to analyze and deobfuscate malicious VBA macros in Microsoft Office files.
A VBA parser and emulation engine to analyze malicious macros.
1k stars
63 watching
186 forks
Language: Python
last commit: 4 months ago emulationmacrosmalware-analysisparserpyparsingpythonsecurityvba
Related projects:
| Repository | Description | Stars |
|---|---|---|
 malwarecantfly/vba2graph | Analyzes VBA code to generate visual call graphs and highlights potential malicious keywords | 274 |
 infosecn1nja/maliciousmacromsbuild | Generates malicious macros to bypass application whitelisting and execute powershell or shellcode via MSBuild. | 494 |
 outflanknl/evilclippy | An assistant tool designed to create malicious MS Office documents by hiding or tampering with VBA macros and macro analysis tools | 2,130 |
 mandiant/speakeasy | Emulates specific components of the Windows operating system to analyze malware | 1,515 |
 dissectmalware/xlmmacrodeobfuscator | Decodes and deobfuscates obfuscated Excel macros from various file formats. | 572 |
 bonnetn/vba-obfuscator | A tool to protect VBA macros by obfuscating their code to evade antivirus signatures | 150 |
 therealsaumil/emux | An emulation framework for running firmware on emulated hardware using QEMU | 692 |
 michaelweber/macrome | A tool used to create and manipulate Excel documents containing malicious macros. | 513 |
 almenon/arepl-vscode | An extension for Visual Studio Code that provides real-time Python code evaluation and debugging features. | 264 |
 asweigart/pygcurse | A Pygame-based library that provides a curses-like interface for creating console applications with features like color text, cursor movement, and mouse support. | 1 |
 mrphrazer/hitb2021ams_deobfuscation | Automated deobfuscation of malware code using symbolic execution and simplification techniques | 71 |
 vernamlab/medusa | Automated attack synthesis tool for discovering vulnerabilities in CPU architecture and cryptographic protocols | 18 |
 mkorman90/volatilitybot | Automates memory analysis of malware samples and memory dumps by extracting binaries, injections, strings, and analyzing code using heuristics and YARA/Clam AV scanners. | 263 |
 gosecure/malboxes | Automates malware analysis on Windows VMs for research and testing purposes. | 1,030 |
 donaldp/imba-shell | An interactive debugger and REPL for the Imba programming language | 16 |