yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-90%)
nsm-attack: Mapping NSM rules to MITRE ATT&CK
Stars: ✭ 53 (-59.23%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+237.69%)
yara-forensics: Set of Yara rules for finding files using magic headers
Stars: ✭ 115 (-11.54%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+151.54%)
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-16.92%)
Loki: Loki - Simple IOC and Incident Response Scanner
Stars: ✭ 2,217 (+1605.38%)
Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (+130.77%)
ThreatKB: Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (-47.69%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (-49.23%)
static file analysis: Deep analysis of files (doc, pdf, exe, ...), including embedded files, with clamscan and yara rules
Stars: ✭ 34 (-73.85%)
yarasploit: YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
Stars: ✭ 31 (-76.15%)
yara-validator: Validates yara rules and tries to repair the broken ones.
Stars: ✭ 37 (-71.54%)
Hyara: Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)
Stars: ✭ 142 (+9.23%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+832.31%)
factual-rules-generator: Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Stars: ✭ 62 (-52.31%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (+119.23%)
PEiD: Yet another implementation of PEiD with yara
Stars: ✭ 12 (-90.77%)
Ursadb: Trigram database written in C++, suited for malware indexing
Stars: ✭ 72 (-44.62%)
Go Yara: Go bindings for YARA
Stars: ✭ 198 (+52.31%)
Binaryalert: BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Stars: ✭ 1,125 (+765.38%)
Yarasigs: Various Yara signatures (possibly to be included in a release later).
Stars: ✭ 59 (-54.62%)
pyarascanner: A simple many-rules to many-files YARA scanner for incident response or malware zoos.
Stars: ✭ 23 (-82.31%)
Dailyioc: IOCs from articles and tweets, kept for archival
Stars: ✭ 167 (+28.46%)
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Stars: ✭ 999 (+668.46%)
Masc: A Web Malware Scanner
Stars: ✭ 74 (-43.08%)
Balbuzard: Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.
Stars: ✭ 70 (-46.15%)
Pecli: CLI tool to analyze PE files
Stars: ✭ 46 (-64.62%)
d4-core: D4 core software (server and sample sensor client)
Stars: ✭ 40 (-69.23%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-70.77%)
Binjadock: An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.
Stars: ✭ 34 (-73.85%)
mail to misp: Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Stars: ✭ 61 (-53.08%)
Malware Ioc: Indicators of Compromise (IOC) from our various investigations
Stars: ✭ 955 (+634.62%)
Yaraguardian: Django web interface for managing Yara rules
Stars: ✭ 156 (+20%)
Operation Wocao: Operation Wocao - Indicators of Compromise
Stars: ✭ 29 (-77.69%)
Iocs: IoCs, PCREs, YARA rules, etc.
Stars: ✭ 15 (-88.46%)
Threathunting: Tools for hunting for threats.
Stars: ✭ 153 (+17.69%)
Didierstevenssuite: Please no pull requests for this repository. Thanks!
Stars: ✭ 856 (+558.46%)
Holmes Totem: Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.
Stars: ✭ 25 (-80.77%)
uzen: Website crawler with YARA detection
Stars: ✭ 84 (-35.38%)
whohk: whohk, a powerful incident response tool for Linux. Incident response on Linux usually means checking each area through tedious command-line invocations, sometimes with extra output formatting on top, which is unfriendly to people who are not very familiar with Linux commands. This tool collects the operations commonly used in Linux incident response and presents their results in a friendlier format, so that a single parameter replaces the long, complicated commands needed to check each area.
Stars: ✭ 260 (+100%)
CCXDigger: The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (-65.38%)
Iocs: Sophos-originated indicators of compromise from published reports
Stars: ✭ 128 (-1.54%)
Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+511.54%)
Ghidra scripts: Scripts for the Ghidra software reverse engineering suite.
Stars: ✭ 732 (+463.08%)
Walkoff Apps: WALKOFF-enabled applications. #nsacyber
Stars: ✭ 125 (-3.85%)
Manalyze: A static analyzer for PE executables.
Stars: ✭ 701 (+439.23%)
Pepper: An open source script to perform malware static analysis on Portable Executables
Stars: ✭ 250 (+92.31%)
Plyara: Parse YARA rules and operate over them more easily.
Stars: ✭ 108 (-16.92%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+280%)
Yara: The pattern matching Swiss knife
Stars: ✭ 5,209 (+3906.92%)
Fsf: File Scanning Framework
Stars: ✭ 228 (+75.38%)