☆23 · Jul 7, 2023 · Updated 2 years ago
Alternatives and similar repositories for Detection
Users that are interested in Detection are comparing it to the libraries listed below
- Hundred Days of Yara Challenge ☆12 · Jun 21, 2022 · Updated 3 years ago
- Generate MAEC XML from Ero Carrera's pefile output ☆15 · Mar 6, 2017 · Updated 8 years ago
- Discover potential timestamps within the Windows Registry ☆19 · Apr 22, 2014 · Updated 11 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images. ☆21 · Mar 12, 2019 · Updated 6 years ago
- macOS triage is a python script to collect various macOS logs, artifacts, and other data. ☆25 · Mar 25, 2021 · Updated 4 years ago
- Threat Hunting Malware Infrastructure ☆11 · Dec 3, 2023 · Updated 2 years ago
- MSVC C++ resource example ☆11 · Jun 28, 2018 · Updated 7 years ago
- Library and tools to access the GUID Partition Table (GPT) volume system format ☆11 · Dec 20, 2025 · Updated 2 months ago
- Conti V3 source code updated ☆11 · Jun 30, 2022 · Updated 3 years ago
- JPCERT/CC public YARA rules repository ☆109 · Nov 14, 2025 · Updated 3 months ago
- Synapse Rapid Power-up for SinkDB ☆11 · Jun 24, 2025 · Updated 8 months ago
- Work in Progress repo ☆15 · Apr 18, 2019 · Updated 6 years ago
- ☆12 · Aug 8, 2019 · Updated 6 years ago
- RunPE dump - I wrote this to have better control over the analysis of malware. I can stop and analyze malware when it uses some of the … ☆10 · Jul 1, 2015 · Updated 10 years ago
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use. ☆72 · Jan 6, 2026 · Updated last month
- Bro PCAP Processing and Tagging API ☆28 · Nov 9, 2017 · Updated 8 years ago
- Indicators of Normality ☆11 · Jul 22, 2022 · Updated 3 years ago
- A modified fork of Be.HexEditor for use in debug tools ☆15 · Jan 5, 2022 · Updated 4 years ago
- Golang parser for OLE files ☆33 · Dec 4, 2025 · Updated 2 months ago
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data ☆13 · Jul 16, 2019 · Updated 6 years ago
- LILO based Pulse Secure appliance disk image decryptor ☆13 · Mar 20, 2024 · Updated last year
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python. ☆12 · Aug 4, 2024 · Updated last year
- Repository of Yara Rules ☆139 · Feb 16, 2026 · Updated last week
- Some YARA rules I will add from time to time ☆67 · Mar 25, 2023 · Updated 2 years ago
- Signatures and IoCs from public Volexity blog posts. ☆363 · Dec 4, 2025 · Updated 2 months ago
- Binarly SDK v1 ☆14 · Dec 18, 2016 · Updated 9 years ago
- ☆14 · Aug 21, 2022 · Updated 3 years ago
- ☆128 · Feb 2, 2025 · Updated last year
- Handy scripts to speed up malware analysis ☆34 · Oct 3, 2023 · Updated 2 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆102 · Jul 10, 2025 · Updated 7 months ago
- Command-line Interface for Binar.ly ☆39 · Jan 13, 2017 · Updated 9 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, … ☆18 · Oct 7, 2016 · Updated 9 years ago
- Parser for Sdba memory pool tags ☆21 · Jul 16, 2021 · Updated 4 years ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ... ☆141 · Nov 19, 2023 · Updated 2 years ago
- ☆15 · Feb 22, 2021 · Updated 5 years ago
- An open source virus scan aggregation framework. ☆25 · Apr 25, 2014 · Updated 11 years ago
- Microsoft GPO Readiness Lateral Movement Detection Tool ☆16 · Dec 8, 2022 · Updated 3 years ago
- ☆25 · Jan 8, 2024 · Updated 2 years ago
- A virtual PDF analysis framework ☆17 · Jan 31, 2014 · Updated 12 years ago