Velocidex / go-yara
Go bindings for YARA
☆12 · Updated 6 months ago
Related projects:
- A collection of shellcode hashes ☆17 · Updated 6 years ago
- A Portable Executable parser for Golang ☆47 · Updated last year
- Golang parser for OLE files ☆31 · Updated 3 months ago
- Telsy CTI Research Team ☆57 · Updated 3 years ago
- A golang implementation of a prefetch parser. ☆19 · Updated last week
- Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality ☆82 · Updated last year
- Tool to decrypt the configuration of NanoCore and dump all used plugins ☆10 · Updated 3 years ago
- Experiments on the Windows Internals ☆30 · Updated 4 years ago
- The plan is to have a replacement for psexec ☆30 · Updated 6 years ago
- PE file mapping and manipulation package. ☆35 · Updated 2 years ago
- ssdeep cluster analysis for malware files ☆29 · Updated 4 years ago
- IoC's, PCRE's, YARA's etc ☆20 · Updated last year
- Maintain Windows Persistence with an evil Netshell Helper DLL ☆12 · Updated 6 years ago
- ☆53 · Updated 5 years ago
- A tool to create COM class/interface relationships in neo4j ☆47 · Updated last year
- An IDA plugin to deal with Event Tracing for Windows (ETW) ☆49 · Updated 2 years ago
- IBM RedCON 2020 - Throwing an AquaWrench into the Kernel ☆43 · Updated 4 years ago
- ☆30 · Updated this week
- Go wrapper for in-memory DLL module loader, MemoryModule ☆32 · Updated 6 years ago
- A library to parse, modify, and implement Malleable C2 profiles ☆21 · Updated 5 years ago
- Unpacker for donut shellcode ☆10 · Updated 4 years ago
- Hide Mimikatz From Process Lists ☆17 · Updated 9 years ago
- ☆44 · Updated this week
- Synaptics Audio Driver LPE ☆37 · Updated 5 years ago
- Specialized tool to dump Position Independent Code. ☆21 · Updated 4 years ago
- Basic multi platform meterpreter loader module. ☆15 · Updated 4 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide. ☆74 · Updated 4 years ago
- Extract OLEv1 objects from RTF files by instrumenting Word ☆51 · Updated 4 years ago
- Rekall Memory Forensic Framework ☆29 · Updated 5 years ago