0xThiebaut / Signatures
🚧 Currently transferring TLP:CLEAR rules from TLP:AMBER repository...
★21 · Updated last year
Alternatives and similar repositories for Signatures
Users that are interested in Signatures are comparing it to the libraries listed below
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec… · ★20 · Updated 2 years ago
- Identifies metadata of .NET binary files. · ★21 · Updated last year
- ★27 · Updated 6 months ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing · ★21 · Updated 2 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex. · ★27 · Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework · ★53 · Updated last year
- Collection of generic YARA rules · ★16 · Updated 11 months ago
- ★30 · Updated 6 months ago
- ★33 · Updated 3 years ago
- Static Decryptor for IcedID Malware · ★18 · Updated 2 years ago
- The repository accompanying the Buer Emulation workshop · ★24 · Updated 3 years ago
- ★23 · Updated last year
- ★18 · Updated last year
- Specialized tool to dump Position Independent Code. · ★22 · Updated 4 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin… · ★43 · Updated 2 years ago
- Repository of Volatility3 plugins · ★21 · Updated 2 years ago
- a tiny program to consume from ETW providers for research · ★48 · Updated 4 months ago
- Static configuration extractor for the Karton framework · ★10 · Updated 4 months ago
- Golang bindings for PE-sieve · ★43 · Updated last year
- Defeating Anti-Debugging Techniques for Malware Analysis · ★13 · Updated 2 years ago
- Collection of my own detection rules · ★20 · Updated last year
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance. · ★21 · Updated 10 months ago
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes… · ★60 · Updated last year
- ★45 · Updated last year
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS · ★38 · Updated 3 years ago
- AutoPoC Generator HoneyPoC · ★35 · Updated last month
- Quick test for CVE-2023-26025 behaviours · ★12 · Updated last year
- Triaging Windows event logs based on SANS Poster · ★39 · Updated 2 years ago
- Reads and prints information from the website MalAPI.io · ★19 · Updated 2 years ago
- Small visualizator for PE files · ★69 · Updated last year