InQuest / microsoft-office-macro-clustering
☆17Updated last year
Related projects ⓘ
Alternatives and complementary repositories for microsoft-office-macro-clustering
- Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules☆49Updated last year
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 4 years ago
- A collection of my public YARA signatures for various malware families☆29Updated last month
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆37Updated last year
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 6 years ago
- Links to malware-related YARA rules☆14Updated 2 years ago
- Telsy CTI Research Team☆57Updated 3 years ago
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆57Updated 4 years ago
- Create an entire YARA rule via Python? Whhhhhhaatttt?☆72Updated 5 years ago
- Radare2 Metadata Extraction to Elasticsearch☆21Updated 5 months ago
- Generate YARA rules for OOXML documents.☆37Updated last year
- Handy scripts to speed up malware analysis☆35Updated last year
- A script that extracts embedded images from Office Open XML (OOXML) documents and generates image hash similarity graphs that cluster vis…☆20Updated 2 years ago
- Generate bulk YARA rules from YAML input☆22Updated 4 years ago
- Collection of YARA signatures from individual research☆42Updated 11 months ago
- A Maltego transform for VirusTotal vHash☆31Updated 5 years ago
- Python based CLI for MalwareBazaar☆36Updated last week
- Steezy - Ghetto Yara Generation☆15Updated last year
- Repository with selected IOCs and YARA rules for threat hunting.☆32Updated 2 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 2 years ago
- Scans a malware file and lists down the related MBC (Malware Behavior Catalog) details.☆20Updated 2 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated last year
- ☆13Updated 2 years ago
- TA505 unpacker Python 2.7☆46Updated 4 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 6 years ago
- Random hunting ordiented yara rules☆95Updated last year
- Assemblyline 4 Malware detonation service (Cuckoo)☆18Updated 9 months ago
- VSCode extension for the YARA pattern matching language☆63Updated 10 months ago
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 9 months ago
- Modular malware analysis artifact collection and correlation framework☆52Updated 6 months ago