0xThiebaut / SignaturesLinks
π§ Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
β21Updated last year
Alternatives and similar repositories for Signatures
Users that are interested in Signatures are comparing it to the libraries listed below
Sorting:
- Modular malware analysis artifact collection and correlation frameworkβ53Updated last year
- Yara Rules for Modern Malwareβ78Updated last year
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testingβ22Updated 2 years ago
- Tools for offensive security of NetBackup infrastructuresβ41Updated 2 years ago
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profesβ¦β63Updated last year
- Reads and prints information from the website MalAPI.ioβ19Updated 3 years ago
- β19Updated last year
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.β57Updated 2 months ago
- Tools helpful for malware analysisβ23Updated 11 months ago
- Lazarus analysis tools and research reportβ56Updated last year
- Imphash-like calculation on Golang binariesβ49Updated 3 years ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!β83Updated 2 years ago
- A scanner that files with compromised or untrusted code signing certificates written in python.β65Updated last year
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is execβ¦β20Updated 2 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablinβ¦β46Updated 2 years ago
- β27Updated 8 months ago
- Identifies metadata of .NET binary files.β21Updated last year
- Sandbox samples and monitor them with kunaiβ25Updated last month
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.β27Updated 2 years ago
- Linux #rootkit and #malware revealerβ26Updated last year
- HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.β77Updated last year
- VBScript & VBA source-to-source deobfuscator with partial-evaluationβ80Updated 11 months ago
- β27Updated 3 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.β23Updated last year
- Repository of Volatility3 pluginsβ22Updated 2 years ago
- a tiny program to consume from ETW providers for researchβ50Updated 6 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progressesβ60Updated 2 years ago
- A proof-of-concept re-assembler for reverse VNC traffic.β25Updated 2 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain frontingβ69Updated 3 years ago
- β34Updated 2 years ago