PwCUK-CTO / rtfsigLinks
A tool to help malware analysts signature unique parts of RTF documents
☆29Updated 5 months ago
Alternatives and similar repositories for rtfsig
Users that are interested in rtfsig are comparing it to the libraries listed below
Sorting:
- Steezy - Ghetto Yara Generation☆15Updated 2 years ago
- ☆15Updated 3 years ago
- Validates yara rules and tries to repair the broken ones.☆39Updated 4 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34Updated 4 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆38Updated 2 years ago
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 5 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆18Updated 3 years ago
- Links to malware-related YARA rules☆15Updated 2 years ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- TA505 unpacker Python 2.7☆47Updated 5 years ago
- This repository regroups the Yara Rules for the Unprotect Project☆26Updated 4 years ago
- Generates YARA rules to detect malware using API hashing☆17Updated 4 years ago
- Python 3 library to build YARA rules.☆13Updated 3 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 6 years ago
- A collection of my public YARA signatures for various malware families☆29Updated 9 months ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- Collection of scripts used to analyse malware or emails☆19Updated 4 years ago
- Threat Box Assessment Tool☆19Updated 3 years ago
- Scans a malware file and lists down the related MBC (Malware Behavior Catalog) details.☆22Updated 2 years ago
- Yara rules☆21Updated 2 years ago
- Low budget VirusTotal Intelligence Cosplay☆20Updated 3 years ago
- ☆23Updated 4 years ago
- A set of tools for collecting forensic information☆26Updated 5 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 3 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- C# User Simulation☆32Updated 2 years ago
- Handy scripts to speed up malware analysis☆35Updated last year
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Updated 7 years ago