Alternatives and similar repositories for winnti-detector:

Users that are interested in winnti-detector are comparing it to the libraries listed below

• itsreallynick / office-crackros
  Crack your macros like the math pros.
  ☆33Updated 8 years ago
• JR0driguezB / malware_analysis
  Various snippets created during malware analysis
  ☆22Updated 7 years ago
• DissectMalware / MalwareCMDMonitor
  Shows command lines used by latest instances analyzed on Hybrid-Analysis
  ☆43Updated 6 years ago
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• techbliss / Yara_Mailware_Quick_menu_scanner
  Work Fast With the pattern matching swiss knife for malware researchers.
  ☆38Updated 9 years ago
• jacobsoo / DDE-Extractor
  This script is used for extracting DDE in docx and xlsx
  ☆12Updated 7 years ago
• malware-kitten / yara_sig_tool
  A tool to generate yara signatures from function blocks
  ☆19Updated 10 years ago
• theevilbit / vaccination
  ☆10Updated 7 years ago
• dhondta / malicious-macro-tester
  CLI tool for testing Office documents with macros using MaliciousMacroBot
  ☆11Updated last year
• binarlyhq / binarly-query
  Command-line Interface for Binar.ly
  ☆37Updated 8 years ago
• PoorBillionaire / Windows-Prefetch-Carver
  Carve Windows Prefetch files from arbitrary binary data
  ☆14Updated 7 years ago
• darkquasar / WMI_Persistence
  A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics
  ☆86Updated 7 years ago
• cryptogramfan / Malware-Analysis-Scripts
  Handy scripts to speed up malware analysis
  ☆35Updated last year
• davidpany / rr_parseomater
  RegRipper wrapper for simplified bulk parsing or registry hives
  ☆9Updated 6 years ago
• serializingme / emofishes
  Emofishes is a collection of proof-of-concepts that help improve, bypass or detect virtualized execution environments (focusing on the on…
  ☆15Updated 2 years ago
• matthewdunwoody / PS_logging_reg
  A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed
  ☆16Updated 8 years ago
• mandiant / rvmi-qemu
  QEMU with rVMI extensions
  ☆25Updated 7 years ago
• msuhanov / registry-miner
  Registry Miner
  ☆14Updated 7 years ago
• bonifield / volatilityGrapher
  Force-Directed Graph Generator for Volatility Ouputs
  ☆26Updated 6 years ago
• CERT-Bund / yara-exporter
  Exporting MISP event attributes to yara rules usable with Thor apt scanner
  ☆24Updated 8 years ago
• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆40Updated 5 years ago
• bsi-group / autorun-logger-server
  Server for receiving autorun data from the clients
  ☆13Updated 7 years ago
• RISCYBusiness / Jadoube
  ☆22Updated 7 years ago
• eset / volatility-browserhooks
  Volatility Framework plugin to detect various types of hooks as performed by banking Trojans
  ☆41Updated 6 years ago
• schrodyn / steezy
  Steezy - Ghetto Yara Generation
  ☆15Updated 2 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• GelosSnake / MalwareResearchAPI
  API functions for Malware Research
  ☆35Updated 5 years ago
• nccgroup / WindowsFirewallHookDriverEnumeration
  Tools to enumerate Windows Firewall Hook Drivers on Windows 2000, XP and 2003
  ☆20Updated 10 years ago
• karttoon / iocs
  IoC's, PCRE's, YARA's etc
  ☆24Updated last month
• DissectMalware / base64_substring
  Generate a Yara rule to find base64-encoded files containg a specific keyword
  ☆40Updated 6 years ago