Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (+134.38%)
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract a common signature, and generate Yara patterns for malware detection.
Stars: ✭ 23 (-82.03%)
Holmes Totem: Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.
Stars: ✭ 25 (-80.47%)
Yara Python: The Python interface for YARA
Stars: ✭ 368 (+187.5%)
factual-rules-generator: Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Stars: ✭ 62 (-51.56%)
Malware Ioc: Indicators of Compromise (IOC) of our various investigations
Stars: ✭ 955 (+646.09%)
Mquery: YARA malware query accelerator (web frontend)
Stars: ✭ 264 (+106.25%)
Balbuzard: Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc.). It can also crack malware obfuscation such as XOR, ROL, etc. by bruteforcing and checking for those patterns.
Stars: ✭ 70 (-45.31%)
apooxml: Generate YARA rules for OOXML documents.
Stars: ✭ 34 (-73.44%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+242.97%)
Hyara: Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)
Stars: ✭ 142 (+10.94%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-70.31%)
Icewater: 16,432 Free Yara rules created by
Stars: ✭ 324 (+153.13%)
Masc: A Web Malware Scanner
Stars: ✭ 74 (-42.19%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (+122.66%)
Iocs: IoC's, PCRE's, YARA's etc
Stars: ✭ 15 (-88.28%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+155.47%)
static file analysis: Analysis of files (doc, pdf, exe, ...) in depth (embedded file(s)) with clamscan and yara rules
Stars: ✭ 34 (-73.44%)
Ghidra scripts: Scripts for the Ghidra software reverse engineering suite.
Stars: ✭ 732 (+471.88%)
ThreatKB: Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (-46.87%)
Funnel: Funnel is a lightweight yara-based feed scraper
Stars: ✭ 38 (-70.31%)
Peframe: PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
Stars: ✭ 472 (+268.75%)
swisscheese: Exploits for YARA 3.7.1 & 3.8.1
Stars: ✭ 26 (-79.69%)
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Stars: ✭ 999 (+680.47%)
Strelka: Real-time, container-based file scanning at enterprise scale
Stars: ✭ 387 (+202.34%)
Yara Endpoint: Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Stars: ✭ 75 (-41.41%)
Stoq: An open source framework for enterprise level automated analysis.
Stars: ✭ 352 (+175%)
Binjadock: An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.
Stars: ✭ 34 (-73.44%)
Hamburglar: Hamburglar -- collect useful information from urls, directories, and files
Stars: ✭ 321 (+150.78%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+989.06%)
Yara Rules: Repository of YARA rules made by McAfee ATR Team
Stars: ✭ 283 (+121.09%)
Operation Wocao: Operation Wocao - Indicators of Compromise
Stars: ✭ 29 (-77.34%)
Ursadb: Trigram database written in C++, suited for malware indexing
Stars: ✭ 72 (-43.75%)
Yobi: Yara Based Detection Engine for web browsers
Stars: ✭ 39 (-69.53%)
Didierstevenssuite: Please no pull requests for this repository. Thanks!
Stars: ✭ 856 (+568.75%)
yarasploit: YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
Stars: ✭ 31 (-75.78%)
Plyara: Parse YARA rules and operate over them more easily.
Stars: ✭ 108 (-15.62%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-89.84%)
Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+521.09%)
YaraSyntax: YARA package for Sublime Text
Stars: ✭ 15 (-88.28%)
Binaryalert: BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Stars: ✭ 1,125 (+778.91%)
yaramanager: Simple yara rule manager
Stars: ✭ 60 (-53.12%)
Manalyze: A static analyzer for PE executables.
Stars: ✭ 701 (+447.66%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+846.88%)
python-icap-yara: An ICAP Server with yara scanner for URL and content.
Stars: ✭ 50 (-60.94%)
yara-rust: Rust bindings for VirusTotal/Yara
Stars: ✭ 35 (-72.66%)
Yarasigs: Various Yara signatures (possibly to be included in a release later).
Stars: ✭ 59 (-53.91%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+285.94%)
Walkoff Apps: WALKOFF-enabled applications. #nsacyber
Stars: ✭ 125 (-2.34%)
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-15.62%)
Lw Yara: Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
Stars: ✭ 78 (-39.06%)
Pecli: CLI tool to analyze PE files
Stars: ✭ 46 (-64.06%)
Yara: The pattern matching swiss knife
Stars: ✭ 5,209 (+3969.53%)