0xThiebaut / SignaturesLinks
π§ Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
β21Updated last year
Alternatives and similar repositories for Signatures
Users that are interested in Signatures are comparing it to the libraries listed below
Sorting:
- Modular malware analysis artifact collection and correlation frameworkβ53Updated last year
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is execβ¦β20Updated 2 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testingβ23Updated 2 years ago
- Yara Rules for Modern Malwareβ77Updated last year
- Tools for offensive security of NetBackup infrastructuresβ41Updated 2 years ago
- β27Updated 3 years ago
- Identifies metadata of .NET binary files.β21Updated last year
- a tiny program to consume from ETW providers for researchβ51Updated 7 months ago
- MITRE TTPs derived from Conti's leaked playbooks from XSS.ISβ39Updated 3 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.β27Updated 2 years ago
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profesβ¦β64Updated last year
- Tools helpful for malware analysisβ23Updated last year
- Imphash-like calculation on Golang binariesβ49Updated 3 years ago
- Lazarus analysis tools and research reportβ56Updated last year
- β27Updated 8 months ago
- Reads and prints information from the website MalAPI.ioβ19Updated 3 years ago
- Python wrappers for mal_unpackβ36Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!β83Updated 2 years ago
- β30Updated 9 months ago
- A scanner that files with compromised or untrusted code signing certificates written in python.β65Updated last year
- HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.β77Updated 2 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablinβ¦β46Updated 2 years ago
- Repo containing my public talksβ23Updated 2 years ago
- Static Decryptor for IcedID Malwareβ18Updated 2 years ago
- Golang bindings for PE-sieveβ42Updated last year
- β34Updated 2 years ago
- Collection of generic YARA rulesβ16Updated last year
- β23Updated last year
- Keep it secret, keep it safeβ77Updated 6 months ago
- Dumping credentials through windbg and pykdβ41Updated last year