ThreatKB: Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (+119.35%)
threat-intel: Signatures and IoCs from public Volexity blog posts.
Stars: ✭ 130 (+319.35%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-58.06%)
PEiD: Yet another implementation of PEiD with yara
Stars: ✭ 12 (-61.29%)
yara-validator: Validates yara rules and tries to repair the broken ones.
Stars: ✭ 37 (+19.35%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+112.9%)
static file analysis: In-depth analysis of files (doc, pdf, exe, ...), including embedded file(s), with clamscan and yara rules
Stars: ✭ 34 (+9.68%)
yara-forensics: Set of Yara rules for finding files using magic headers
Stars: ✭ 115 (+270.97%)
Hyara: Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)
Stars: ✭ 142 (+358.06%)
Loki: Loki - Simple IOC and Incident Response Scanner
Stars: ✭ 2,217 (+7051.61%)
factual-rules-generator: Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Stars: ✭ 62 (+100%)
mole: Yara powered NIDS with high speed packet capture powered by PF_RING
Stars: ✭ 51 (+64.52%)
Funnel: Funnel is a lightweight yara-based feed scraper
Stars: ✭ 38 (+22.58%)
Jasmin-Ransomware: Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (+170.97%)
REW-sploit: Emulate and Dissect MSF and *other* attacks
Stars: ✭ 115 (+270.97%)
yaramanager: Simple yara rule manager
Stars: ✭ 60 (+93.55%)
yara-rust: Rust bindings for VirusTotal/Yara
Stars: ✭ 35 (+12.9%)
yara: Malice Yara Plugin
Stars: ✭ 27 (-12.9%)
trolo: trolo - an easy to use script for generating Payloads that bypass antivirus
Stars: ✭ 45 (+45.16%)
VirusX5: The Most Powerful Fake Page Redirecting tool...
Stars: ✭ 15 (-51.61%)
Vegile: This tool sets up your backdoor/rootkits. When the backdoor is already set up, it hides your specific process, makes your Metasploit session unlimited, and is transparent. Even when it is killed, it will re-run again. There is always a process that runs another process while running, so we can assume that this process is unstoppable, like a Ghost in The Shell
Stars: ✭ 601 (+1838.71%)
ImHex-Patterns: Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor
Stars: ✭ 192 (+519.35%)
S1EM: This project is a SIEM with SIRP and Threat Intel, all in one.
Stars: ✭ 270 (+770.97%)
searchscan: Search Nmap and Metasploit scanning scripts.
Stars: ✭ 51 (+64.52%)
YaraStation: Yara station is a management portal for Neo23x0-Loki. The mission is to transform the standalone nature of the Loki scanner into a centralized management solution that facilitates result investigation and easier scanning capabilities.
Stars: ✭ 25 (-19.35%)
vim-syntax-yara: A Vim syntax-highlighting file for YARA rules
Stars: ✭ 26 (-16.13%)
detection: Detection in the form of Yara, Snort and ClamAV signatures.
Stars: ✭ 70 (+125.81%)
python-icap-yara: An ICAP Server with yara scanner for URL and content.
Stars: ✭ 50 (+61.29%)
r2yara: r2yara - Module for Yara using radare2 information
Stars: ✭ 30 (-3.23%)
007-TheBond: This Script will help you to gather information about your victim or friend.
Stars: ✭ 371 (+1096.77%)
RC-exploiter: NOT SUPPORTED ANYMORE -- try resource_files repository (mosquito)
Stars: ✭ 50 (+61.29%)
YaraHunts: Random hunting oriented yara rules
Stars: ✭ 86 (+177.42%)
Kali-Linux-Ebooks: Top 20 Kali Linux Related E-books (Free Download)
Stars: ✭ 134 (+332.26%)
yara-parser: Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
Stars: ✭ 69 (+122.58%)
secist script: No description or website provided.
Stars: ✭ 86 (+177.42%)
RapidRepoPull: The goal of this program is to quickly pull and install repos from its list
Stars: ✭ 40 (+29.03%)
binlex: A Binary Genetic Traits Lexer Framework
Stars: ✭ 303 (+877.42%)
staekka: Stækka Metasploit - Extending Metasploit
Stars: ✭ 51 (+64.52%)
yara-exporter: Exporting MISP event attributes to yara rules usable with Thor apt scanner
Stars: ✭ 22 (-29.03%)
swisscheese: Exploits for YARA 3.7.1 & 3.8.1
Stars: ✭ 26 (-16.13%)
rtfsig: A tool to help malware analysts signature unique parts of RTF documents
Stars: ✭ 28 (-9.68%)
MsfMania: Python AV Evasion Tools
Stars: ✭ 388 (+1151.61%)
Drupalgeddon3: Drupal < 7.58 - Drupalgeddon 3 Authenticated Remote Code Execution (Metasploit)
Stars: ✭ 18 (-41.94%)
msf-opcua: Metasploit Modules for OPC UA
Stars: ✭ 22 (-29.03%)
uzen: Website crawler with YARA detection
Stars: ✭ 84 (+170.97%)
JALSI: JALSI - Just Another Lame Shellcode Injector
Stars: ✭ 29 (-6.45%)
YaraSyntax: YARA package for Sublime Text
Stars: ✭ 15 (-51.61%)
Andspoilt: Run interactive android exploits in linux.
Stars: ✭ 101 (+225.81%)
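whohk: whohk, a powerful incident response tool for Linux. Incident response on Linux often requires checking each point through tedious command lines, and sometimes some format processing as well, which is not very friendly to people who are not familiar with Linux commands. This tool brings together some of the operations commonly used in Linux incident response and presents their output in a friendlier format, so a single parameter can replace tedious, complex commands to check each point.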
Stars: ✭ 260 (+738.71%)
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract common signatures, and generate Yara patterns for malware detection.
Stars: ✭ 23 (-25.81%)
Eternalblue: Eternalblue written in CSharp. Contains version detection, vulnerability scanner and exploit of MS17-010
Stars: ✭ 150 (+383.87%)
apooxml: Generate YARA rules for OOXML documents.
Stars: ✭ 34 (+9.68%)
CnC-detection: Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation
Stars: ✭ 15 (-51.61%)