Alternatives and similar repositories for go-yara

Users that are interested in go-yara are comparing it to the libraries listed below

• malware-kitten / shellcode_hashes
  A collection of shellcode hashes
  ☆17Updated 6 years ago
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆31Updated 5 years ago
• Velocidex / oleparse
  Golang parser for OLE files
  ☆32Updated 3 months ago
• repnz / rpcmon
  RPC Monitor based on The ETW Microsoft-Windows-Rpc provider
  ☆24Updated 5 years ago
• zlowram / gopart
  Package that provides different PE tricks to difficult the reverse engineering of your Windows applications.
  ☆11Updated 5 years ago
• splunk / PPLinject
  Inject unsigned DLL into Protected Process Light (PPL)
  ☆25Updated last month
• Velocidex / go-pe
  A Portable Executable parser for Golang
  ☆47Updated 5 months ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• n1ght-w0lf / Uchihash
  A small utility to deal with malware embedded hashes.
  ☆51Updated last year
• EgeBalci / Hook_API
  Assembly block for hooking windows API functions.
  ☆91Updated 5 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆48Updated 4 months ago
• ihack4falafel / ROR13HashGenerator
  C# implementation to produce ROR-13 numeric hash for given function API name
  ☆32Updated 6 years ago
• EgeBalci / MapPE
  PE file mapping and manipulation package.
  ☆36Updated 3 years ago
• CERT-Polska / karton-config-extractor
  Static configuration extractor for the Karton framework
  ☆10Updated 5 months ago
• audibleblink / dummyDLL
  Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
  ☆41Updated 2 years ago
• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆61Updated last year
• jonas-koeritz / amsi
  Golang wrapper for the Microsoft Antimalware Scan Interface (AMSI)
  ☆11Updated 3 years ago
• 0xrawsec / golang-etw
  ☆38Updated 2 years ago
• DamonMohammadbagher / ETWNetMonv3
  ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Ima…
  ☆40Updated 2 years ago
• stoerchl / yara_zip_module
  ☆13Updated 2 years ago
• hongson11698 / defender-database-extract
  defender_database
  ☆18Updated last year
• timwhitez / Doge-Obf
  golang String Obfuscate
  ☆9Updated 3 years ago
• EgeBalci / meterpreter
  Basic multi platform meterpreter loader module.
  ☆15Updated 4 years ago
• houjingyi233 / APT32-deobfuscation
  Here is python script I wrote for deobfuscation APT32 sample.
  ☆10Updated 4 years ago
• g0mxxm / shellcode_extractor_for_maldoc
  The code in this repository which function is to extract the shellcode from the maldoc.
  ☆10Updated last year
• listinvest / undonut
  Unpacker for donut shellcode
  ☆17Updated 5 years ago
• OsandaMalith / WindowsInternals
  Experiments on the Windows Internals
  ☆30Updated 5 years ago
• elastic / PPLGuard
  ☆70Updated 4 months ago
• NextronSystems / go-handle
  Iterate over Windows Handles
  ☆14Updated last year
• SpecterOps / ipc-research
  Inter-Process Communication Mechanisms
  ☆28Updated 4 years ago