JPCERTCC / AutoYara4FLIRT

Related projects ⓘ

Alternatives and complementary repositories for AutoYara4FLIRT

• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆46Updated last year
• williballenthin / viv-utils
  Utilities for working with vivisect
  ☆23Updated 3 weeks ago
• TakahiroHaruyama / SpiMitm
  SPI flash read MitM attack PoC
  ☆36Updated 2 years ago
• packing-box / bintropy
  Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes
  ☆42Updated 9 months ago
• NtQuerySystemInformation / Malware-RE-papers
  Here are some of my malware reversing papers that I will be publishing
  ☆31Updated 2 years ago
• X-Junior / Malware-IDAPython-Scripts
  ☆22Updated 6 months ago
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆50Updated 2 years ago
• n1ght-w0lf / pe-unmapper
  A small tool to unmap PE memory dumps.
  ☆11Updated last year
• c3rb3ru5d3d53c / karton-unpacker
  A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.
  ☆51Updated 3 years ago
• sisoma2 / malware_analysis
  Scripts, Yara rules and other files developed during malware investigations
  ☆24Updated 2 years ago
• anyrun / blog-scripts
  ☆24Updated this week
• t0-retooling / defender-recon24
  ☆38Updated last month
• alexander-hanel / RenameLocalVars
  RenameLocalVars is an IDA plugin that renames local variables to something easier to read.
  ☆15Updated last year
• nao-sec / rr_decoder
  Royal Road RTF Weaponizer object decoder
  ☆24Updated last month
• NextronSystems / gimphash
  Imphash-like calculation on Golang binaries
  ☆47Updated 2 years ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆62Updated 7 months ago
• archcloudlabs / r2elk
  Radare2 Metadata Extraction to Elasticsearch
  ☆21Updated 6 months ago
• ghidragolf / ctfd-ghidragolf
  docker-compose to deploy CTFd w/ ghidragolf configurations
  ☆12Updated last year
• gkucherin / de4dot
  .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).
  ☆28Updated 2 years ago
• shamrockhoax / mazedecoder
  ☆28Updated 4 years ago
• Dump-GUY / Python3---Binary-Data-Manipulation
  Python 3 - Manipulation and conversation with different data type (Bytes operations)
  ☆27Updated 2 years ago
• danielplohmann / mcrit
  The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…
  ☆86Updated 5 months ago
• hasherezade / flareon2023
  ☆25Updated 3 weeks ago
• OALabs / trashdbg
  TrashDBG the world's worse debugger
  ☆23Updated 2 years ago
• tbarabosch / apihash_to_yara
  Generates YARA rules to detect malware using API hashing
  ☆17Updated 3 years ago
• fr0gger / MalwareMuncher
  Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…
  ☆42Updated last year
• Dump-GUY / Invoke-DetectItEasy
  Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.
  ☆23Updated 2 years ago
• usualsuspect / yara_vt_mock
  Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing
  ☆21Updated last year
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆37Updated 3 years ago