0xThiebaut / SignaturesLinks
π§ Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
β21Updated last year
Alternatives and similar repositories for Signatures
Users that are interested in Signatures are comparing it to the libraries listed below
Sorting:
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is execβ¦β20Updated 2 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testingβ21Updated 2 years ago
- Collection of generic YARA rulesβ16Updated last year
- β27Updated 6 months ago
- Python wrappers for mal_unpackβ36Updated last year
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablinβ¦β45Updated 2 years ago
- β22Updated last year
- Slides from my talk at the Adversary Village, Defcon 30β29Updated 2 years ago
- The repository accompanying the Buer Emulation workshopβ24Updated 3 years ago
- β30Updated 7 months ago
- Lazarus analysis tools and research reportβ56Updated last year
- Tools for offensive security of NetBackup infrastructuresβ41Updated 2 years ago
- Identifies metadata of .NET binary files.β21Updated last year
- A proof-of-concept re-assembler for reverse VNC traffic.β25Updated 2 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.β27Updated 2 years ago
- β19Updated 7 months ago
- Static Decryptor for IcedID Malwareβ18Updated 2 years ago
- Specialized tool to dump Position Independent Code.β22Updated 4 years ago
- Dumping credentials through windbg and pykdβ41Updated last year
- Modular malware analysis artifact collection and correlation frameworkβ53Updated last year
- β33Updated 3 years ago
- Collection of my own detection rulesβ20Updated last year
- Utility to inject honey tokens into lsass.β28Updated 8 years ago
- Malware campaigns and APTs research by BlackArrowβ18Updated 5 years ago
- Resources and Discussions About Detection Engineeringβ12Updated 2 years ago
- β18Updated last year
- Yara rulesβ21Updated 2 years ago
- β34Updated 2 years ago
- Automated activity logging utility for Mythic C2 v3.0+ with Ghostwriter v3.0+β18Updated 4 months ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.β21Updated 11 months ago