TKCERT/winnti-suricata-lua external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

TKCERT/winnti-suricata-lua

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/TKCERT/winnti-suricata-lua)

Close

TKCERT / winnti-suricata-luaView on GitHubMore

• External links
• Readme badge

Suricata rules to detect Winnti communication

☆16Mar 5, 2018Updated 8 years ago

Alternatives and similar repositories for winnti-suricata-lua

Users that are interested in winnti-suricata-lua are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• TKCERT / winnti-detector

  View on GitHub
  Network detector for Winnti malware
  ☆21Mar 6, 2018Updated 8 years ago
• B0fH / yara-suricata

  View on GitHub
  A Yara Lua output script for Suricata
  ☆20Apr 7, 2019Updated 7 years ago
• TKCERT / winnti-nmap-script

  View on GitHub
  Nmap Script to scan for Winnti infections
  ☆71May 22, 2018Updated 7 years ago
• sud0woodo / Urgent11-Suricata-LUA-scripts

  View on GitHub
  Suricata LUA scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260
  ☆19Nov 28, 2019Updated 6 years ago
• daddycocoaman / volplugins

  View on GitHub
  Repository of Volatility3 plugins
  ☆22Mar 22, 2023Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• lucanag / emotet

  View on GitHub
  ☆10Sep 11, 2021Updated 4 years ago
• codecrack3 / HTA-Exploit-

  View on GitHub
  Microsoft Windows HTA (HTML Application) - Remote Code Execution
  ☆30Aug 21, 2015Updated 10 years ago
• ojroques / tls-malware-detection

  View on GitHub
  The report of a supervised classifier to detect malware in TLS traffic
  ☆21Oct 21, 2019Updated 6 years ago
• michalpurzynski / suricata-rules

  View on GitHub
  Example Suricata rules implementing some of my detection tactics
  ☆22Jan 13, 2023Updated 3 years ago
• 3vangel1st / 100DaysOfYARA

  View on GitHub
  ☆27Mar 2, 2022Updated 4 years ago
• DCSO / balboa

  View on GitHub
  server for indexing and querying passive DNS observations
  ☆49Jan 12, 2026Updated 3 months ago
• proferosec / Threat-Intelligence

  View on GitHub
  A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.
  ☆10Sep 17, 2019Updated 6 years ago
• pH-T / go-revshell

  View on GitHub
  Go reverse shell for Win/Linux/OSX
  ☆17May 15, 2019Updated 6 years ago
• binarlyhq / binarly-sdk

  View on GitHub
  Binarly SDK v1
  ☆14Dec 18, 2016Updated 9 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• albertzsigovits / writeups

  View on GitHub
  Reviews and tests of security products
  ☆17Dec 28, 2024Updated last year
• h0rv4th / c2matrix-analyzer

  View on GitHub
  Basic c2-matrix analysis enviroment using Suricata + Wazuh + Elastic stack
  ☆13Apr 18, 2020Updated 6 years ago
• Sh3llyR / statiStrings

  View on GitHub
  YARA Rule Strings Statistics Calculator and Malware Research Helper
  ☆14Jul 24, 2021Updated 4 years ago
• spyre-project / spyre

  View on GitHub
  simple YARA-based IOC scanner
  ☆176Mar 17, 2026Updated last month
• inversecos / valentinewaifu

  View on GitHub
  ☆15Feb 12, 2023Updated 3 years ago
• mrlesmithjr / ansible-suricata

  View on GitHub
  ☆12Jan 28, 2020Updated 6 years ago
• Karneades / SigmaFilterCheck

  View on GitHub
  Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/SigmaHQ/sigma)
  ☆16Feb 1, 2021Updated 5 years ago
• CERT-Bund / yara-exporter

  View on GitHub
  Exporting MISP event attributes to yara rules usable with Thor apt scanner
  ☆25Mar 27, 2017Updated 9 years ago
• darienhuss / dns_sigs

  View on GitHub
  Create Suricata and Snort DNS signatures given a single domain or list of domains in a file.
  ☆18Nov 13, 2017Updated 8 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• snemes / malware-analysis

  View on GitHub
  ☆23Aug 1, 2020Updated 5 years ago
• glennie / tinyca2

  View on GitHub
  tinyCA2
  ☆17Aug 29, 2015Updated 10 years ago
• karttoon / binsequencer

  View on GitHub
  BinSequencer is a script designed to find a common pattern of bytes within a set of samples and generate a YARA rule from the identified…
  ☆80Jan 2, 2022Updated 4 years ago
• 401trg / utilities

  View on GitHub
  This repository contains tools used by 401trg.
  ☆20Apr 14, 2021Updated 5 years ago
• dmb2168 / OAuthHunting

  View on GitHub
  ☆53May 21, 2018Updated 7 years ago
• EmergingThreats / et-luajit-scripts

  View on GitHub
  ☆74Feb 17, 2022Updated 4 years ago
• SecurityRiskAdvisors / PDBlaster

  View on GitHub
  ☆50Jan 13, 2020Updated 6 years ago
• darkquasar / WMI_Persistence

  View on GitHub
  A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics
  ☆88Oct 6, 2017Updated 8 years ago
• airbus-cert / PSTrace

  View on GitHub
  Trace ScriptBlock execution for powershell v2
  ☆40Jan 14, 2020Updated 6 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• thomaspatzke / EQUEL

  View on GitHub
  An Elasticsearch QUEry Language
  ☆58Jul 3, 2017Updated 8 years ago
• ipworkx / ecs-suricata

  View on GitHub
  ☆12Apr 23, 2020Updated 6 years ago
• t4skforce / docker-novnc-winbox

  View on GitHub
  Mikrotik's Winbox in a docker container accessible via noVNC through a web browser.
  ☆13May 12, 2025Updated 11 months ago
• juanandresgs / Proj-0xA11c

  View on GitHub
  ☆17Nov 13, 2024Updated last year
• conix-security / bl2ru2

  View on GitHub
  Mass Suricata rules creator, from a list of domain
  ☆14Sep 14, 2018Updated 7 years ago
• carbonblack / mockc2

  View on GitHub
  An interactive mock C2 server
  ☆17Feb 25, 2023Updated 3 years ago
• PonyPC / myaut_contrib

  View on GitHub
  mod to myaut2exe decompiler
  ☆19Jul 28, 2017Updated 8 years ago