MalwareMechanic
Download symbols for common DLLs such as ntdll, kernel32, kernelbase, user32, advapi, etc... to `C:\symbols`. This will aid reversers when no internet connection is available. See: - https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/symchk-command-line-options
Helps with password protected macros - https://www.proxoft.com/Rvbap/default.aspx
This PR adds the ability to read compressed pages within Windows 10 memory captures by introducing a new address space. Additional plugins are provided to help demonstrate the capability, register...
## Description Of Changes Updated how `VerbosePreference` was being used to propagate the verbose setting for new `choco.exe` processes and during Boxstarter environment variable restoration. ## Motivation and Context The...
As packages continue to increase, it'd be great if we had a way to better display / organize available packages. Initial ideas: - By category - By distribution flavor (e.g.,...
Add option for helper functions to allow users to specify if tool should be run as admin
The hashcat package will fail if the system's processor is not "GenuineIntel", see below: https://github.com/mandiant/VM-Packages/blob/eac039ddb9852d3cc155a400895de4bebeb1ccfc/packages/hashcat.vm/tools/chocolateyinstall.ps1#L20-L26 However, the GitHub actions to test installation may use non-GenuineIntel processors and the package will...
Currently the `dnspyex` package only links the console version. Let's add the shortcut for the GUI as well https://github.com/mandiant/VM-Packages/blob/6ea288dcb97b8f4fd2556971c7581b8622606c8c/packages/dnspyex.vm/tools/chocolateyinstall.ps1#L7 Also, after looking at https://community.chocolatey.org/packages/dnspyex#files we may need to write our...
# Overview Currently, dependencies install using default everything. However, chocolatey allows passing parameters to dependencies by coupling two command-line arguments: `--params-global` and `--params` (syntax `--params '/PARAM1:value1 /PARAMFLAG'`). As an example,...