ViperMonkey
VBA emulator
An emulation engine designed to analyze and deobfuscate malicious VBA macros in Microsoft Office files.
A VBA parser and emulation engine to analyze malicious macros.
1k stars
63 watching
186 forks
Language: Python
last commit: 6 months ago emulationmacrosmalware-analysisparserpyparsingpythonsecurityvba
Related projects:
| Repository | Description | Stars |
|---|---|---|
 malwarecantfly/vba2graph | Analyzes VBA code to generate visual call graphs and highlights potential malicious keywords | 275 |
 infosecn1nja/maliciousmacromsbuild | Generates malicious macros to bypass application whitelisting and execute powershell or shellcode via MSBuild. | 495 |
 outflanknl/evilclippy | An assistant tool designed to create malicious MS Office documents by hiding or tampering with VBA macros and macro analysis tools | 2,131 |
 mandiant/speakeasy | Emulates specific components of the Windows operating system to analyze malware | 1,538 |
 dissectmalware/xlmmacrodeobfuscator | Decodes and deobfuscates obfuscated Excel macros from various file formats. | 575 |
 bonnetn/vba-obfuscator | A tool that obfuscates Visual Basic code to evade signature scans from Antivirus software | 150 |
 therealsaumil/emux | An emulation framework for running firmware on emulated hardware using QEMU | 699 |
 michaelweber/macrome | A tool used to create and manipulate Excel documents containing malicious macros. | 514 |
 almenon/arepl-vscode | An extension for Visual Studio Code that provides real-time Python code evaluation and debugging features. | 269 |
 asweigart/pygcurse | An implementation of a curses-like module for Pygame | 1 |
 mrphrazer/hitb2021ams_deobfuscation | Automated deobfuscation of malware code using symbolic execution and simplification techniques | 72 |
 vernamlab/medusa | Automated attack synthesis tool for discovering vulnerabilities in CPU architecture and cryptographic protocols | 18 |
 mkorman90/volatilitybot | Automates memory analysis of malware samples and memory dumps by extracting binaries, injections, strings, and analyzing code using heuristics and YARA/Clam AV scanners. | 264 |
 gosecure/malboxes | Automates malware analysis on Windows VMs for research and testing purposes. | 1,036 |
 donaldp/imba-shell | An interactive debugger and REPL for the Imba programming language | 16 |