Suricata rules to detect Winnti communication
☆16Mar 5, 2018Updated 8 years ago
Alternatives and similar repositories for winnti-suricata-lua
Users that are interested in winnti-suricata-lua are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Network detector for Winnti malware☆21Mar 6, 2018Updated 8 years ago
- A Yara Lua output script for Suricata☆20Apr 7, 2019Updated 6 years ago
- Nmap Script to scan for Winnti infections☆71May 22, 2018Updated 7 years ago
- Suricata LUA scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260☆19Nov 28, 2019Updated 6 years ago
- Repository of Volatility3 plugins☆22Mar 22, 2023Updated 3 years ago
- ☆10Sep 11, 2021Updated 4 years ago
- Please see other maintained fork:☆17Dec 4, 2025Updated 3 months ago
- Microsoft Windows HTA (HTML Application) - Remote Code Execution☆30Aug 21, 2015Updated 10 years ago
- The report of a supervised classifier to detect malware in TLS traffic☆20Oct 21, 2019Updated 6 years ago
- Example Suricata rules implementing some of my detection tactics☆22Jan 13, 2023Updated 3 years ago
- ☆27Mar 2, 2022Updated 4 years ago
- Practice Go programming and implement CobaltStrike's Beacon in Go☆14Mar 19, 2020Updated 6 years ago
- server for indexing and querying passive DNS observations☆50Jan 12, 2026Updated 2 months ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Sep 17, 2019Updated 6 years ago
- Go reverse shell for Win/Linux/OSX☆17May 15, 2019Updated 6 years ago
- Binarly SDK v1☆14Dec 18, 2016Updated 9 years ago
- Reviews and tests of security products☆17Dec 28, 2024Updated last year
- Basic c2-matrix analysis enviroment using Suricata + Wazuh + Elastic stack☆12Apr 18, 2020Updated 5 years ago
- Community-based CybergON-powered Suricata rules☆12Jul 5, 2022Updated 3 years ago
- YARA Rule Strings Statistics Calculator and Malware Research Helper☆14Jul 24, 2021Updated 4 years ago
- simple YARA-based IOC scanner☆176Updated this week
- ☆12Jan 28, 2020Updated 6 years ago
- Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/SigmaHQ/sigma)☆15Feb 1, 2021Updated 5 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Mar 27, 2017Updated 8 years ago
- Create Suricata and Snort DNS signatures given a single domain or list of domains in a file.☆18Nov 13, 2017Updated 8 years ago
- PE file format reader in JavaScript☆26Apr 10, 2019Updated 6 years ago
- ☆23Aug 1, 2020Updated 5 years ago
- BinSequencer is a script designed to find a common pattern of bytes within a set of samples and generate a YARA rule from the identified…☆80Jan 2, 2022Updated 4 years ago
- This repository contains tools used by 401trg.☆20Apr 14, 2021Updated 4 years ago
- ☆53May 21, 2018Updated 7 years ago
- ☆74Feb 17, 2022Updated 4 years ago
- ☆49Jan 13, 2020Updated 6 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆88Oct 6, 2017Updated 8 years ago
- Trace ScriptBlock execution for powershell v2☆40Jan 14, 2020Updated 6 years ago
- An Elasticsearch QUEry Language☆57Jul 3, 2017Updated 8 years ago
- ☆12Apr 23, 2020Updated 5 years ago
- Custom n8n node to interact with FireFly iii API☆34Feb 10, 2026Updated last month
- Mikrotik's Winbox in a docker container accessible via noVNC through a web browser.☆13May 12, 2025Updated 10 months ago
- ☆17Nov 13, 2024Updated last year