CERT-Polska / malduckLinks
Malduck is your ducky companion in malware analysis journeys
☆335Updated 3 weeks ago
Alternatives and similar repositories for malduck
Users that are interested in malduck are comparing it to the libraries listed below
Sorting:
- Malware repository component for samples & static configuration with REST API interface.☆354Updated last month
- Distributed malware processing framework based on Python, Redis and S3.☆426Updated 2 weeks ago
- A Binary Genetic Traits Lexer Framework☆494Updated 3 months ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆587Updated this week
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆179Updated 4 months ago
- A guide on how to write fast and memory friendly YARA rules☆143Updated 3 months ago
- Assortment of hashing algorithms used in malware☆362Updated last week
- High Octane Triage Analysis☆728Updated last week
- YARA malware query accelerator (web frontend)☆428Updated 2 months ago
- Generating YARA rules based on binary code☆210Updated 3 years ago
- Research notes☆124Updated 5 months ago
- Dynamic unpacker based on PE-sieve☆732Updated last week
- MBC content in markdown☆452Updated 2 months ago
- c2 traffic☆188Updated 2 years ago
- Automatic YARA rule generation for Malpedia☆160Updated 2 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆579Updated last year
- The Volatility Collaborative GUI☆243Updated this week
- Security ML models encoded as Yara rules☆214Updated last year
- IOC from articles, tweets for archives☆313Updated last year
- Code snips and notes☆137Updated 3 years ago
- This repo is a collection of Ransomware reports from vendors, researchers, etc.☆118Updated 2 years ago
- A golang CLI tool to download malware from a variety of sources.☆146Updated last year
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆104Updated 3 weeks ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆128Updated last year
- Collection of private Yara rules.☆354Updated last month
- Collection of rules created using YARA-Signator over Malpedia☆129Updated 6 months ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆248Updated 2 years ago
- ☆104Updated last year
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆137Updated 2 years ago
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆249Updated 2 years ago