Reverse Engineering

ghidra2bytes.py - Converts Ghidra hexdump to bytes. Can be used to perform manual XOR decryption (or via XORTool)
deflate.py - Decode PowerShell's DeflateStream(MemoryIOStream) with Python