Karneades / malware-persistenceLinks
Collection of malware persistence and hunting information. Be a persistent persistence hunter!
☆182Updated 3 weeks ago
Alternatives and similar repositories for malware-persistence
Users that are interested in malware-persistence are comparing it to the libraries listed below
Sorting:
- The Windows Malware Analysis Reversing Core Tools☆96Updated 4 years ago
- A guide on how to write fast and memory friendly YARA rules☆153Updated 8 months ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆140Updated last year
- This repo is a collection of Ransomware reports from vendors, researchers, etc.☆119Updated 3 years ago
- YARA rule analyzer to improve rule quality and performance☆104Updated 6 months ago
- JPCERT/CC public YARA rules repository☆110Updated 10 months ago
- Unprotect is a python tool for parsing PE malware and extract evasion techniques.☆118Updated 2 years ago
- Malware Samples that could be used for teaching students about malware analysis.☆62Updated last year
- ☆131Updated last year
- Malduck is your ducky companion in malware analysis journeys☆346Updated 4 months ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆259Updated 2 years ago
- Malware Sandboxes & Malware Source☆101Updated 8 years ago
- c2 traffic☆191Updated 2 years ago
- ☆254Updated last year
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆107Updated 5 months ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆130Updated last year
- Automatic YARA rule generation for Malpedia☆162Updated 3 years ago
- A python script developed to process Windows memory images based on triage type.☆265Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- ☆145Updated this week
- Collection of rules created using YARA-Signator over Malpedia☆140Updated 11 months ago
- Understanding and analyzing carrier files workshop repo☆51Updated 5 years ago
- runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…☆38Updated 2 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆141Updated 3 years ago
- A ProcessMonitor visualization application written in rust.☆184Updated 2 years ago
- Rules shared by the community from 100 Days of YARA 2024☆86Updated 9 months ago
- MAEC Schemas and Schema Development☆88Updated 5 years ago
- Various capabilities for static malware analysis.☆79Updated last year
- Blueteam operational triage registry hunting/forensic tool.☆150Updated last month
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆170Updated 3 years ago