Velocidex / go-yara

Related projects ⓘ

Alternatives and complementary repositories for go-yara

• malware-kitten / shellcode_hashes
  A collection of shellcode hashes
  ☆17Updated 6 years ago
• Velocidex / oleparse
  Golang parser for OLE files
  ☆31Updated 5 months ago
• Velocidex / go-prefetch
  A golang implementation of a prefetch parser.
  ☆19Updated 2 months ago
• Velocidex / go-pe
  A Portable Executable parser for Golang
  ☆47Updated last year
• listinvest / undonut
  Unpacker for donut shellcode
  ☆10Updated 4 years ago
• MITRECND / picaboo
  Specialized tool to dump Position Independent Code.
  ☆21Updated 4 years ago
• repnz / rpcmon
  RPC Monitor based on The ETW Microsoft-Windows-Rpc provider
  ☆24Updated 4 years ago
• OsandaMalith / WindowsInternals
  Experiments on the Windows Internals
  ☆30Updated 5 years ago
• williballenthin / python-dotnet-binaryformat
  Pure Python parser for data encoded by .NET's BinaryFormatter
  ☆49Updated 6 years ago
• telsy-cyberops / research
  Telsy CTI Research Team
  ☆57Updated 3 years ago
• EgeBalci / MapPE
  PE file mapping and manipulation package.
  ☆35Updated 2 years ago
• NexusFuzzy / NanoDump
  Tool to decrypt the configuration of NanoCore and dump all used plugins
  ☆11Updated 3 years ago
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆50Updated 2 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆41Updated last month
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆82Updated last year
• zlowram / gopart
  Package that provides different PE tricks to difficult the reverse engineering of your Windows applications.
  ☆11Updated 4 years ago
• golang-devops / go-psexec
  The plan is to have a replacement for psexec
  ☆30Updated 6 years ago
• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆39Updated 4 years ago
• jipegit / IncidentsMindMaps
  Cybersecurity Incidents Mind Maps
  ☆32Updated 3 years ago
• magisterquis / alpt4ats
  A Lazy Programmer's Tips for Avoiding the SOC ~ BSides Belfast 2024
  ☆11Updated 2 months ago
• mitre / gocat
  Simplified go-cat agent for caldera
  ☆10Updated 11 months ago
• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆59Updated last year
• Truneski / WindowsKernelProgramming-Exercises
  ☆49Updated 4 years ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆58Updated 3 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆31Updated 4 years ago
• DanusMinimus / Injections
  A repository where I share my injection implemintations
  ☆29Updated 4 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆29Updated 5 years ago