Yarasigs: Various Yara signatures (possibly to be included in a release later).
Stars: ✭ 59 (-29.76%)
Didierstevenssuite: Please no pull requests for this repository. Thanks!
Stars: ✭ 856 (+919.05%)
Yaraguardian: Django web interface for managing Yara rules
Stars: ✭ 156 (+85.71%)
Ursadb: Trigram database written in C++, suited for malware indexing
Stars: ✭ 72 (-14.29%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+488.1%)
Go Yara: Go bindings for YARA
Stars: ✭ 198 (+135.71%)
Binjadock: An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.
Stars: ✭ 34 (-59.52%)
CrawlerSamples: These are Puppeteer+AngleSharp crawler console app samples, coded in C# 7.1 and built with .NET Core.
Stars: ✭ 36 (-57.14%)
Manalyze: A static analyzer for PE executables.
Stars: ✭ 701 (+734.52%)
Plyara: Parse YARA rules and operate over them more easily.
Stars: ✭ 108 (+28.57%)
Yara Endpoint: Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Stars: ✭ 75 (-10.71%)
Strelka: Real-time, container-based file scanning at enterprise scale
Stars: ✭ 387 (+360.71%)
Yara Rules: A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Stars: ✭ 206 (+145.24%)
Binaryalert: BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Stars: ✭ 1,125 (+1239.29%)
PEiD: Yet another implementation of PEiD with yara
Stars: ✭ 12 (-85.71%)
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Stars: ✭ 999 (+1089.29%)
Dailyioc: IOC from articles, tweets for archives
Stars: ✭ 167 (+98.81%)
Operation Wocao: Operation Wocao - Indicators of Compromise
Stars: ✭ 29 (-65.48%)
Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+846.43%)
Iocs: Sophos-originated indicators-of-compromise from published reports
Stars: ✭ 128 (+52.38%)
capybara-chrome: Chrome driver for Capybara using Chrome's remote debugging protocol
Stars: ✭ 27 (-67.86%)
Peframe: PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
Stars: ✭ 472 (+461.9%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+1559.52%)
Lw Yara: Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
Stars: ✭ 78 (-7.14%)
Yara Python: The Python interface for YARA
Stars: ✭ 368 (+338.1%)
Yextend: Yara integrated software to handle archive file data.
Stars: ✭ 207 (+146.43%)
Masc: A Web Malware Scanner
Stars: ✭ 74 (-11.9%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (-21.43%)
Balbuzard: Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.
Stars: ✭ 70 (-16.67%)
yara-exporter: Exporting MISP event attributes to yara rules usable with Thor apt scanner
Stars: ✭ 22 (-73.81%)
Pecli: CLI tool to analyze PE files
Stars: ✭ 46 (-45.24%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-54.76%)
puppeteer-lambda: Module for using Headless-Chrome by Puppeteer on AWS Lambda.
Stars: ✭ 117 (+39.29%)
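The Balbuzard entry above describes cracking single-byte XOR and bit-rotation (ROL/ROR) obfuscation by brute-forcing every key and keeping the candidates that expose known patterns. The following is an added example of that approach in plain Python; it is not Balbuzard's own code, and the pattern list and the sample bytes are constructed here for illustration.

```python
# Added example (not Balbuzard's own code): brute-force single-byte XOR keys
# and byte rotations, keeping only candidates that reveal known patterns.
import re

# Patterns of interest, constructed for this example: a PE/MZ header marker,
# the DOS stub string, and a URL. Real tooling would carry a much longer list.
PATTERNS = {
    "mz_header": re.compile(rb"^MZ"),
    "dos_stub": re.compile(rb"This program cannot be run in DOS mode"),
    "url": re.compile(rb"https?://[\w.-]+"),
}


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with a single-byte key (XOR is its own inverse)."""
    return bytes(b ^ key for b in data)


def rol_bytes(data: bytes, shift: int) -> bytes:
    """Rotate every byte left by `shift` bits (0..7)."""
    shift %= 8
    return bytes(((b << shift) | (b >> (8 - shift))) & 0xFF for b in data)


def ror_bytes(data: bytes, shift: int) -> bytes:
    """Rotate every byte right; the inverse of rol_bytes with the same shift."""
    return rol_bytes(data, (8 - shift) % 8)


def find_patterns(data: bytes) -> list:
    """Sorted names of the PATTERNS that occur anywhere in data."""
    return sorted(name for name, rx in PATTERNS.items() if rx.search(data))


def bruteforce(data: bytes, min_hits: int = 1) -> list:
    """Try every single-byte XOR key (1..255) and every rotation (1..7).

    Returns (transform, key, patterns) triples for each candidate that reveals
    at least `min_hits` patterns. The key reported is the *decoding* one, so a
    sample obfuscated with ROR n shows up as ("rol", n).
    """
    hits = []
    for key in range(1, 256):
        found = find_patterns(xor_bytes(data, key))
        if len(found) >= min_hits:
            hits.append(("xor", key, found))
    for shift in range(1, 8):
        found = find_patterns(rol_bytes(data, shift))
        if len(found) >= min_hits:
            hits.append(("rol", shift, found))
    return hits


def decode(data: bytes, transform: str, key: int) -> bytes:
    """Apply a candidate returned by bruteforce() to recover the plaintext."""
    return xor_bytes(data, key) if transform == "xor" else rol_bytes(data, key)


# Constructed sample: a PE-like prefix, the DOS stub string and a URL, then
# obfuscated two ways so both search paths have something to find.
PLAINTEXT = (b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xff\xff\x00\x00"
             b"This program cannot be run in DOS mode.\r\n"
             b"http://example.invalid/stage2.bin")
XOR_SAMPLE = xor_bytes(PLAINTEXT, 0x5A)   # obfuscated with XOR 0x5A
ROR_SAMPLE = ror_bytes(PLAINTEXT, 3)      # obfuscated with ROR 3

if __name__ == "__main__":
    for label, sample in (("xor-0x5a sample", XOR_SAMPLE), ("ror-3 sample", ROR_SAMPLE)):
        # Requiring two independent patterns cuts down chance single-pattern hits.
        for transform, key, found in bruteforce(sample, min_hits=2):
            print(f"{label}: {transform} key=0x{key:02x} reveals {found}")
```

Raising `min_hits` is the practical knob: a single short pattern such as `MZ` can appear under a wrong key by chance, whereas two or three unrelated patterns lining up under the same key is strong evidence that the key is right.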
Malware Ioc: Indicators of Compromise (IOC) of our various investigations
Stars: ✭ 955 (+1036.9%)
Loki: Loki - Simple IOC and Incident Response Scanner
Stars: ✭ 2,217 (+2539.29%)
Iocs: IoCs, PCREs, YARA rules etc.
Stars: ✭ 15 (-82.14%)
apify-cli: Apify command-line interface helps you create, develop, build and run Apify actors, and manage the Apify cloud platform.
Stars: ✭ 37 (-55.95%)
Holmes Totem: Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.
Stars: ✭ 25 (-70.24%)
Threathunting: Tools for hunting for threats.
Stars: ✭ 153 (+82.14%)
Ghidra scripts: Scripts for the Ghidra software reverse engineering suite.
Stars: ✭ 732 (+771.43%)
pyarascanner: A simple many-rules to many-files YARA scanner for incident response or malware zoos.
Stars: ✭ 23 (-72.62%)
Walkoff Apps: WALKOFF-enabled applications. #nsacyber
Stars: ✭ 125 (+48.81%)
puppet-master: Puppeteer as a service hosted on Saasify.
Stars: ✭ 25 (-70.24%)
Yara: The pattern matching swiss knife
Stars: ✭ 5,209 (+6101.19%)
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (+28.57%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+422.62%)
Pepper: An open source script to perform malware static analysis on Portable Executable
Stars: ✭ 250 (+197.62%)
api2pdf.php: PHP client library for the Api2Pdf.com REST API - Convert HTML to PDF, URL to PDF, Office Docs to PDF, Merge PDFs, HTML to Image, URL to Image, HTML to Docx, HTML to Xlsx, PDF to HTML, Thumbnail preview of office files
Stars: ✭ 42 (-50%)
chrome-runner: run chrome with nodejs in code
Stars: ✭ 16 (-80.95%)
whohk: whohk, a powerful incident-response tool for Linux. Incident response on Linux usually means working through tedious command-line invocations to inspect each point of interest, sometimes with extra output formatting, which is unfriendly to people not well versed in Linux commands. This tool collects the operations commonly used in Linux incident response and presents their results in a friendlier format, so a single parameter replaces the tedious, complex commands needed to check each point.
Stars: ✭ 260 (+209.52%)
Fsf: File Scanning Framework
Stars: ✭ 228 (+171.43%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+1342.86%)