RustyNoob-619 / 100-Days-of-YARA-2024
☆19Updated 6 months ago
Related projects ⓘ
Alternatives and complementary repositories for 100-Days-of-YARA-2024
- ☆18Updated 7 months ago
- Method of finding interesting domains using keywords + JARMs☆13Updated last year
- Configuration Extractors for Malware☆53Updated 3 weeks ago
- ☆21Updated last year
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated last year
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- Malware Analysis tools☆25Updated last month
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆62Updated 2 years ago
- ☆34Updated last year
- An Adaptive Misuse Detection System☆29Updated this week
- ☆26Updated 3 months ago
- Modular malware analysis artifact collection and correlation framework☆52Updated 6 months ago
- Hundred Days of Yara Challenge☆12Updated 2 years ago
- JA4TScan is an active TCP server fingerprinting tool.☆55Updated 2 months ago
- Triaging Windows event logs based on SANS Poster☆37Updated last year
- information about ransomware groups (Ransomware Analysis Notes)☆35Updated 10 months ago
- ☆15Updated this week
- ☆50Updated 6 months ago
- Yara Rules for Modern Malware☆67Updated 8 months ago
- Yet Another Memory Analyzer for malware detection☆24Updated last year
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- Tools for offensive security of NetBackup infrastructures☆38Updated last year
- ☆31Updated 2 years ago
- Reads and prints information from the website MalAPI.io☆19Updated 2 years ago
- ☆22Updated 3 months ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆49Updated last year
- A project created with an aim to emulate and test exfiltration of data over different network protocols.☆30Updated last year
- 🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...☆22Updated 7 months ago