JPCERTCC / AutoYara4FLIRTLinks
☆15Updated last year
Alternatives and similar repositories for AutoYara4FLIRT
Users that are interested in AutoYara4FLIRT are comparing it to the libraries listed below
Sorting:
- This repository contains an IDA processor for loading and disassembling compiled yara rules.☆41Updated 5 months ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Updated 2 years ago
- Winbindex bot to pull in binaries for specific releases☆48Updated last year
- Extract data of TTD trace file to a minidump☆28Updated last year
- Repository of Yara rules created by the Stratosphere team☆26Updated 3 years ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.☆58Updated 4 years ago
- Dataset of packed ELF samples☆19Updated 2 years ago
- ☆25Updated 7 months ago
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).☆29Updated 3 years ago
- Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes☆47Updated 6 months ago
- Utilities for working with vivisect☆25Updated 3 months ago
- PoC code and tools for Black Hat USA 2024☆21Updated 10 months ago
- Static configuration extractor for the Karton framework☆10Updated 5 months ago
- A small tool to unmap PE memory dumps.☆11Updated last year
- Rekall Memory Forensic Framework☆32Updated 5 years ago
- ☆22Updated last year
- ☆22Updated last year
- ☆30Updated 7 months ago
- SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool☆53Updated 5 months ago
- Small visualizator for PE files☆69Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated last year
- ☆28Updated 5 years ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- Binary Ninja plugin to deobfuscate strings obfuscated with the Garble project☆24Updated 3 months ago
- ☆13Updated 2 years ago
- ☆52Updated 8 months ago
- 🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...☆21Updated last year
- ☆27Updated 7 months ago
- Golang bindings for PE-sieve☆43Updated last year