467 Open source projects that are alternatives of or similar to r2yara

Indicators of Compromises (IOC) of our various investigations

Malice Yara Plugin

Radare 2 wiki

Modular file scanning/analysis framework

🐺 Malware analysis platform

🐺 Malware analysis platform

Detect potentially malicious PHP files

yarGen is a generator for YARA rules

A Binary Genetic Traits Lexer Framework

Generate YARA rules for OOXML documents.

This project is a SIEM with SIRP and Threat Intel, all in one.

CLI tool to analyze PE files

A static analyzer for PE executables.

YARA malware query accelerator (web frontend)

Yara Based Detection Engine for web browsers

Trigram database written in C++, suited for malware indexing

An open source script to perform malware static analysis on Portable Executable

Demonstrate about file-less malware approach using JavaScript

A simple library focusing on demangling symbols for different programing languages

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

Batch Antivirus, a powerful antivirus suite written in batch with real-time protection and heuristical scanning.

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

DGA Domain Detection using Bigram Frequency Analysis

trolo - an easy to use script for generating Payloads that bypasses antivirus

Fast setup wireguard server script, with dnscrypt and adblocking, maleware blocking, more blocking if you need. Use case eg. always on vpn and adblocking on ios or android, and be more secured in unknown networks.

Stash for Binary Exploitation and Reverse Engineering Resources

Created a VERY SIMPLE remote access Trojan that will establish administrative control over any windows machine it compromises.

A Vim syntax-highlighting file for YARA rules

Set of Yara rules for finding files using magics headers

Notifies the user when macOS Security components like Gatekeeper and XProtect have been updated

Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC

Tools for parsing rulesets using the exact grammar as YARA. Written in Go.

Ghidra plugin to start an r2 webserver to let r2 interact with it

Malware Sample Sources

Research tools for analysing Cerberus banking trojan.

A radare2 Python script to dump a raw IA32 binary to an NASM source file

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.

Who and what to follow in the world of cyber security

mirror of https://mypdns.org/my-privacy-dns/matrix as it is obviously no longer safe to do Girhub nor have we no longer any trust in them. See https://mypdns.org/my-privacy-dns/porn-records/-/issues/1347

Remote administration tool with Qt5

🙀 Icon Changer, File Pumper & Extension Spoofer - Quickly Modify Executable Files

Automatic analysis of SWF files based on some heuristics. Extensible via plugins.

A repository full of malware samples.

🥓 Grab info needed by Carbonara from executables and disassemblers databases

ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.

Signatures and IoCs from public Volexity blog posts.

Ubuntu on QNAP TS-453Be

Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs

SMTP server / sinkhole for collecting spam

ThePhish: an automated phishing email analysis tool

Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor

Exam Prep for the Ec-council Certified Ethical Hacker 312-50

A curated list of awesome resources related to executable packing

Quescis is a powerful Remote Access Trojan for windows 💻 on C++

⚙️ ArminC's settings for uBlock₀ - remove most of the ads, pop-ups and trackers.

👽 Program for remote control of windows computers via telegram bot. Written in C#

Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.

Tools to reverse the Toshiba FlashAir SD cards