Velocidex / go-yara
Go bindings for YARA
☆14 Updated last year
Alternatives and similar repositories for go-yara
Users that are interested in go-yara are comparing it to the libraries listed below
- A collection of shellcode hashes ☆17 Updated 6 years ago
- ssdeep cluster analysis for malware files ☆31 Updated 5 years ago
- Golang parser for OLE files ☆32 Updated 3 months ago
- RPC Monitor based on The ETW Microsoft-Windows-Rpc provider ☆24 Updated 5 years ago
- Package that provides different PE tricks to make the reverse engineering of your Windows applications difficult. ☆11 Updated 5 years ago
- Inject unsigned DLL into Protected Process Light (PPL) ☆25 Updated last month
- A Portable Executable parser for Golang ☆47 Updated 5 months ago
- Rekall Memory Forensic Framework ☆32 Updated 5 years ago
- A small utility to deal with malware embedded hashes. ☆51 Updated last year
- Assembly block for hooking windows API functions. ☆91 Updated 5 years ago
- A ready-made template for a project based on libpeconv. ☆48 Updated 4 months ago
- C# implementation to produce ROR-13 numeric hash for given function API name ☆32 Updated 6 years ago
- PE file mapping and manipulation package. ☆36 Updated 3 years ago
- Static configuration extractor for the Karton framework ☆10 Updated 5 months ago
- Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed. ☆41 Updated 2 years ago
- Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches. ☆61 Updated last year
- Golang wrapper for the Microsoft Antimalware Scan Interface (AMSI) ☆11 Updated 3 years ago
- ☆38 Updated 2 years ago
- ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Ima… ☆40 Updated 2 years ago
- ☆13 Updated 2 years ago
- defender_database ☆18 Updated last year
- golang String Obfuscate ☆9 Updated 3 years ago
- Basic multi platform meterpreter loader module. ☆15 Updated 4 years ago
- Here is a Python script I wrote for deobfuscating an APT32 sample. ☆10 Updated 4 years ago
- The code in this repository, whose function is to extract the shellcode from the maldoc. ☆10 Updated last year
- Unpacker for donut shellcode ☆17 Updated 5 years ago
- Experiments on the Windows Internals ☆30 Updated 5 years ago
- ☆70 Updated 4 months ago
- Iterate over Windows Handles ☆14 Updated last year
- Inter-Process Communication Mechanisms ☆28 Updated 4 years ago