SentineLabs / SentinelLabs_RevCore_ToolsLinks
The Windows Malware Analysis Reversing Core Tools
☆96Updated 4 years ago
Alternatives and similar repositories for SentinelLabs_RevCore_Tools
Users that are interested in SentinelLabs_RevCore_Tools are comparing it to the libraries listed below
Sorting:
- JPCERT/CC public YARA rules repository☆110Updated 10 months ago
- YARA rule analyzer to improve rule quality and performance☆104Updated 6 months ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆140Updated last year
- Rules Shared by the Community from 100 Days of YARA 2023☆78Updated 2 years ago
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆130Updated last year
- Rules shared by the community from 100 Days of YARA 2024☆86Updated 9 months ago
- Detection Engineering with YARA☆87Updated last year
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆32Updated 3 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago
- A python script developed to process Windows memory images based on triage type.☆265Updated last year
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆182Updated 3 weeks ago
- Blueteam operational triage registry hunting/forensic tool.☆150Updated last month
- Collection of scripts used to deobfuscate GOOTLOADER malware samples.☆64Updated 10 months ago
- This repo is where I store my Threat Hunting ideas/content☆88Updated 2 years ago
- ☆203Updated 11 months ago
- Malware Samples that could be used for teaching students about malware analysis.☆62Updated last year
- A guide on how to write fast and memory friendly YARA rules☆154Updated 8 months ago
- Simple PowerShell script to enable process scanning with Yara.☆96Updated 3 years ago
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆203Updated this week
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆118Updated last year
- Yara Rules for Modern Malware☆79Updated last year
- Powershell sandboxing utility☆19Updated 2 weeks ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- ☆75Updated 3 weeks ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆55Updated 2 years ago
- Hunt malware with Volatility☆47Updated 3 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆207Updated 3 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago