SentineLabs / SentinelLabs_RevCore_ToolsLinks
The Windows Malware Analysis Reversing Core Tools
☆95Updated 4 years ago
Alternatives and similar repositories for SentinelLabs_RevCore_Tools
Users that are interested in SentinelLabs_RevCore_Tools are comparing it to the libraries listed below
Sorting:
- YARA rule analyzer to improve rule quality and performance☆101Updated last month
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated 2 years ago
- This repo is where I store my Threat Hunting ideas/content☆87Updated 2 years ago
- ☆69Updated 3 months ago
- JPCERT/CC public YARA rules repository☆106Updated 5 months ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆31Updated 3 years ago
- Rules Shared by the Community from 100 Days of YARA 2023☆76Updated 2 years ago
- ☆87Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- Active Directory Purple Team Playbook☆108Updated 2 years ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆139Updated last year
- A guide on how to write fast and memory friendly YARA rules☆144Updated 3 months ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆53Updated last year
- Blueteam operational triage registry hunting/forensic tool.☆147Updated 2 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆78Updated 3 weeks ago
- A repo to support the book☆108Updated 3 years ago
- Malware Samples that could be used for teaching students about malware analysis.☆54Updated last year
- Hunt malware with Volatility☆47Updated last year
- Yara Rules for Modern Malware☆77Updated last year
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- IOC Collection 2022☆57Updated 2 years ago
- runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…☆36Updated 2 years ago
- A C# based tool for analysing malicious OneNote documents☆113Updated 2 years ago
- Active C&C Detector☆154Updated last year
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆128Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆93Updated 2 years ago
- A home for detection content developed by the delivr.to team☆69Updated this week
- Python based CLI for MalwareBazaar☆37Updated 7 months ago