Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+125.13%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (+46.15%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-80.51%)
static file analysis: Deep analysis of files (doc, pdf, exe, ...), including embedded files, with clamscan and yara rules
Stars: ✭ 34 (-82.56%)
Icewater: 16,432 Free Yara rules created by
Stars: ✭ 324 (+66.15%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+67.69%)
Iocs: IoCs, PCREs, YARA rules, etc.
Stars: ✭ 15 (-92.31%)
ThreatKB: Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (-65.13%)
Balbuzard: Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc.). It can also crack malware obfuscation such as XOR, ROL, etc. by brute-forcing and checking for those patterns.
Stars: ✭ 70 (-64.1%)
Yara: The pattern matching Swiss Army knife
Stars: ✭ 5,209 (+2571.28%)
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-44.62%)
Yara Python: The Python interface for YARA
Stars: ✭ 368 (+88.72%)
Pecli: CLI tool to analyze PE files
Stars: ✭ 46 (-76.41%)
Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (+53.85%)
Threathunting: Tools for hunting for threats.
Stars: ✭ 153 (-21.54%)
Mquery: YARA malware query accelerator (web frontend)
Stars: ✭ 264 (+35.38%)
Malware Ioc: Indicators of Compromise (IOC) from our various investigations
Stars: ✭ 955 (+389.74%)
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract common signatures, and generate Yara patterns for malware detection.
Stars: ✭ 23 (-88.21%)
Lw Yara: Yara ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
Stars: ✭ 78 (-60%)
apooxml: Generate YARA rules for OOXML documents.
Stars: ✭ 34 (-82.56%)
Holmes Totem: Investigation Planner for fast-running analysis with predictable execution time. For example, static analysis.
Stars: ✭ 25 (-87.18%)
Manalyze: A static analyzer for PE executables.
Stars: ✭ 701 (+259.49%)
Ursadb: Trigram database written in C++, suited for malware indexing
Stars: ✭ 72 (-63.08%)
Plyara: Parse YARA rules and operate over them more easily.
Stars: ✭ 108 (-44.62%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+153.33%)
Binaryalert: BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Stars: ✭ 1,125 (+476.92%)
Peframe: PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
Stars: ✭ 472 (+142.05%)
Yaraguardian: Django web interface for managing Yara rules
Stars: ✭ 156 (-20%)
Strelka: Real-time, container-based file scanning at enterprise scale
Stars: ✭ 387 (+98.46%)
Yarasigs: Various Yara signatures (possibly to be included in a release later).
Stars: ✭ 59 (-69.74%)
Stoq: An open source framework for enterprise-level automated analysis.
Stars: ✭ 352 (+80.51%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+614.87%)
Hamburglar: Hamburglar -- collect useful information from URLs, directories, and files
Stars: ✭ 321 (+64.62%)
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Stars: ✭ 999 (+412.31%)
Yara Rules: Repository of YARA rules made by the McAfee ATR Team
Stars: ✭ 283 (+45.13%)
Dailyioc: IOCs from articles and tweets, kept for archival purposes
Stars: ✭ 167 (-14.36%)
Binjadock: An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.
Stars: ✭ 34 (-82.56%)
Yobi: Yara Based Detection Engine for web browsers
Stars: ✭ 39 (-80%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+521.54%)
yarasploit: YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
Stars: ✭ 31 (-84.1%)
Operation Wocao: Operation Wocao - Indicators of Compromise
Stars: ✭ 29 (-85.13%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-93.33%)
Iocs: Sophos-originated indicators of compromise from published reports
Stars: ✭ 128 (-34.36%)
YaraSyntax: YARA package for Sublime Text
Stars: ✭ 15 (-92.31%)
Didierstevenssuite: Please no pull requests for this repository. Thanks!
Stars: ✭ 856 (+338.97%)
yaramanager: Simple yara rule manager
Stars: ✭ 60 (-69.23%)
Yara Endpoint: Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Stars: ✭ 75 (-61.54%)
Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+307.69%)
Loki: Loki - Simple IOC and Incident Response Scanner
Stars: ✭ 2,217 (+1036.92%)
Walkoff Apps: WALKOFF-enabled applications. #nsacyber
Stars: ✭ 125 (-35.9%)
Masc: A Web Malware Scanner
Stars: ✭ 74 (-62.05%)
Ghidra scripts: Scripts for the Ghidra software reverse engineering suite.
Stars: ✭ 732 (+275.38%)