AhmetPayaslioglu / YaraRulesLinks
☆21Updated 2 years ago
Alternatives and similar repositories for YaraRules
Users that are interested in YaraRules are comparing it to the libraries listed below
Sorting:
- Repository for archiving Cobalt Strike configuration☆35Updated last week
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆64Updated 3 years ago
- Default Detections for EDR☆96Updated last year
- Triaging Windows event logs based on SANS Poster☆40Updated last week
- My Malware Analysis Reports☆23Updated 3 years ago
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared☆88Updated last year
- A project created with an aim to emulate and test exfiltration of data over different network protocols.☆31Updated 2 years ago
- ATLAS - Malware Analysis Description☆21Updated 2 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆87Updated 3 years ago
- Lazarus analysis tools and research report☆56Updated last year
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆50Updated 3 years ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆107Updated 7 months ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Updated 3 years ago
- Finding secrets in kernel and user memory☆116Updated 2 years ago
- ☆82Updated 10 months ago
- ☆18Updated last year
- ☆27Updated 9 months ago
- ☆43Updated 3 years ago
- Yara Rules for Modern Malware☆79Updated last year
- PoC-Malware-TTPs☆49Updated 2 years ago
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆106Updated 3 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Updated 3 years ago
- Malware Analysis tools☆26Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆98Updated 2 years ago
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files☆31Updated 3 years ago
- A collection of notes and rules (Snort/Suricata, Sigma, and YARA) to identify various samples of malware.☆14Updated 4 years ago
- 🐾Dogwalk PoC (using diagcab file to obtain RCE on windows)☆79Updated 3 years ago
- Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…☆42Updated last year
- Tools helpful for malware analysis☆23Updated last year
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆177Updated 3 months ago