CybercentreCanada/Maco external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

CybercentreCanada/Maco

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/CybercentreCanada/Maco)

Close

CybercentreCanada / MacoView on GitHubMore

• External links
• Readme badge

Maco - Malware config extractor framework

☆45Mar 2, 2026Updated this week

Alternatives and similar repositories for Maco

Users that are interested in Maco are comparing it to the libraries listed below

• CybercentreCanada / configextractor-py

  View on GitHub
  Python Library for ConfigExtractor
  ☆15Feb 24, 2026Updated last week
• CAPESandbox / community

  View on GitHub
  Community modules for CAPE Sandbox
  ☆111Feb 24, 2026Updated last week
• turbot / steampipe-plugin-virustotal

  View on GitHub
  Use SQL to instantly query file, domain, URL and IP scanning results from VirusTotal.
  ☆23Oct 13, 2025Updated 4 months ago
• sandialabs / mac-sandbox

  View on GitHub
  This is a malware analyzer for Mac OS X that extends the Cuckoo Sandbox project (https://cuckoosandbox.org/)
  ☆23Jul 8, 2016Updated 9 years ago
• shellcromancer / DaysOfYARA-2023

  View on GitHub
  Rules Shared by the Community from 100 Days of YARA 2023 -
  ☆18Apr 10, 2023Updated 2 years ago
• mitre / yararules-python

  View on GitHub
  Easily scan with multiple yara rules from different sources.
  ☆14Mar 9, 2024Updated last year
• mattreduce / mythic-crate

  View on GitHub
  An Ubuntu 18.04 box for Mythic C2 framework development
  ☆17Jun 17, 2022Updated 3 years ago
• m-chrome / py-suricataparser

  View on GitHub
  Pure python parser for Snort/Suricata rules.
  ☆34Mar 13, 2024Updated last year
• dod-cyber-crime-center / DC3-MWCP

  View on GitHub
  DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …
  ☆340Feb 7, 2025Updated last year
• MSAdministrator / msi-utils

  View on GitHub
  A python package that helps with analysis of MSI files
  ☆14Mar 28, 2021Updated 4 years ago
• davidljohnson / SigGen

  View on GitHub
  ☆18May 5, 2024Updated last year
• williballenthin / viv-utils

  View on GitHub
  Utilities for working with vivisect
  ☆26Oct 1, 2025Updated 5 months ago
• CybercentreCanada / assemblyline-base

  View on GitHub
  Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)
  ☆71Feb 26, 2026Updated last week
• CERT-Polska / mwdb-core

  View on GitHub
  Malware repository component for samples & static configuration with REST API interface.
  ☆379Updated this week
• stairwell-inc / threat-research

  View on GitHub
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆23Jan 31, 2024Updated 2 years ago
• knightsc / EndpointSecurity

  View on GitHub
  A module to expose the Endpoint Security library to Swift
  ☆20Jul 10, 2019Updated 6 years ago
• MythicMeta / MythicContainer

  View on GitHub
  GoLang package for creating Mythic Payload Types, C2 Profiles, Translation Services, WebHook listeners, and Loggers
  ☆24Dec 15, 2025Updated 2 months ago
• jeFF0Falltrades / rat_king_parser

  View on GitHub
  A robust, multiprocessing-capable, multi-family RAT config parser/config extractor for AsyncRAT, DcRAT, VenomRAT, QuasarRAT, XWorm, Xeno …
  ☆71Feb 19, 2026Updated 2 weeks ago
• ruppde / yara_rules

  View on GitHub
  Yara rules
  ☆22Mar 27, 2023Updated 2 years ago
• AhmetPayaslioglu / YaraRules

  View on GitHub
  ☆22Jun 2, 2023Updated 2 years ago
• optiv / CVE-2020-15931

  View on GitHub
  Netwrix Account Lockout Examiner 4.1 Domain Admin Account Credential Disclosure Vulnerability
  ☆27Nov 11, 2020Updated 5 years ago
• CybercentreCanada / CCCS-Yara

  View on GitHub
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆116Updated this week
• BushidoUK / MITRE-Mappings

  View on GitHub
  A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.
  ☆27Mar 20, 2025Updated 11 months ago
• CERT-Bund / IRNetTools

  View on GitHub
  Incident Response Network Tools
  ☆24Jul 23, 2021Updated 4 years ago
• RussianPanda95 / Configuration_extractors

  View on GitHub
  Configuration Extractors for Malware
  ☆124Apr 23, 2025Updated 10 months ago
• binalyze / tigma

  View on GitHub
  Sigma Engine implementation in TypeScript
  ☆28Mar 5, 2023Updated 3 years ago
• plyara / plyara

  View on GitHub
  Parse YARA rules and operate over them more easily.
  ☆195Feb 6, 2025Updated last year
• anyrun / blog-scripts

  View on GitHub
  ☆35Jan 13, 2026Updated last month
• Immersive-Labs-Sec / SliverC2-Forensics

  View on GitHub
  A collection of tools and detections for the Sliver C2 Frameworj
  ☆132Apr 24, 2023Updated 2 years ago
• QinetiQ-Cyber-Intelligence / OpenCTI-Terraform

  View on GitHub
  A highly available AWS deployment of the Threat Intelligence platform, OpenCTI using Terraform. Native AWS resources are used where feasi…
  ☆38Apr 23, 2023Updated 2 years ago
• michelcrypt4d4mus / yaralyzer

  View on GitHub
  Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.
  ☆148Feb 1, 2026Updated last month
• aldonin / SIEM

  View on GitHub
  Security information and event management, masters's diploma
  ☆10Aug 3, 2015Updated 10 years ago
• DanusMinimus / MalwareLake

  View on GitHub
  A python script that allows a researcher to merge databases from Malshare and Malware Bazaar to created enrriched datasets from SIEM tool…
  ☆27Apr 6, 2020Updated 5 years ago
• Coalfire-CF / Coalfire-GCP-RAMPpak

  View on GitHub
  Coalfire GCP RAMP/pak Reference Architecture
  ☆13Feb 5, 2026Updated last month
• mitre-attack / attack-workbench-taxii-server

  View on GitHub
  An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…
  ☆44Feb 13, 2026Updated 3 weeks ago
• ail-project / ail-training

  View on GitHub
  AIL project training materials
  ☆39Feb 24, 2026Updated last week
• malpedia / signator-rules

  View on GitHub
  Collection of rules created using YARA-Signator over Malpedia
  ☆141Jan 6, 2026Updated 2 months ago
• adam-maj / adam-maj

  View on GitHub
  My personal profile!
  ☆17Oct 25, 2024Updated last year
• CybercentreCanada / assemblyline4_docs

  View on GitHub
  AssemblyLine4 documentation
  ☆28Feb 25, 2026Updated last week