Malware similarity platform with modularity in mind.
☆80 · Jul 18, 2021 · Updated 4 years ago
Alternatives and similar repositories for aurora
Users that are interested in aurora are comparing it to the libraries listed below
- Malware repository component for samples & static configuration with REST API interface. ☆376 · Feb 24, 2026 · Updated last week
- YARI is an interactive debugger for YARA Language. ☆90 · Sep 10, 2025 · Updated 5 months ago
- Simple yara rule manager ☆67 · Dec 27, 2022 · Updated 3 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing ☆24 · May 29, 2023 · Updated 2 years ago
- Distributed malware processing framework based on Python, Redis and S3. ☆462 · Updated this week
- Steezy - Ghetto Yara Generation ☆15 · Mar 27, 2023 · Updated 2 years ago
- A collection of tools adversaries commonly use in an attack. ☆14 · Nov 23, 2024 · Updated last year
- ☆22 · Dec 22, 2020 · Updated 5 years ago
- ☆16 · Apr 30, 2024 · Updated last year
- Low budget VirusTotal Intelligence Cosplay ☆20 · Jan 6, 2022 · Updated 4 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine. ☆75 · Jan 18, 2022 · Updated 4 years ago
- Automatically create YARA rules from malicious documents. ☆211 · May 16, 2022 · Updated 3 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples ☆34 · May 17, 2021 · Updated 4 years ago
- YARA malware query accelerator (web frontend) ☆437 · Feb 3, 2026 · Updated last month
- Script to pull newly-registered domains and check for similarity against a provided word list. ☆13 · Aug 2, 2020 · Updated 5 years ago
- Imphash-like calculation on Golang binaries ☆49 · Jul 2, 2022 · Updated 3 years ago
- IOC from articles, tweets for archives ☆318 · Dec 12, 2023 · Updated 2 years ago
- Investigate suspicious activity by visualizing Sysmon's event log ☆431 · Dec 22, 2023 · Updated 2 years ago
- Various capabilities for static malware analysis. ☆80 · Sep 4, 2024 · Updated last year
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ☆786 · Feb 22, 2026 · Updated last week
- Golang implementation of PyMISP-feedgenerator ☆18 · Jul 31, 2022 · Updated 3 years ago
- IDARay is an IDA Pro plugin that matches the database against multiple YARA files which themselves may contain multiple rules. ☆18 · Nov 16, 2018 · Updated 7 years ago
- Yet another rule generator for Yara ☆29 · Jun 6, 2025 · Updated 8 months ago
- A specialized implementation of the Hierarchical Navigable Small World (HNSW) data structure adapted for efficient nearest neighbor looku… ☆10 · Updated this week
- Python based CLI for MalwareBazaar ☆39 · Jul 22, 2025 · Updated 7 months ago
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted … ☆340 · Feb 7, 2025 · Updated last year
- DRAKVUF Sandbox - automated hypervisor-level malware analysis system ☆1,269 · Updated this week
- An extendable tool to extract and aggregate IoCs from threat feeds ☆33 · Feb 6, 2024 · Updated 2 years ago
- A CLI tool for querying passive DNS services ☆42 · Dec 15, 2023 · Updated 2 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team. ☆12 · Mar 27, 2019 · Updated 6 years ago
- Threat Box Assessment Tool ☆19 · Aug 15, 2021 · Updated 4 years ago
- Trigram database written in C++, suited for malware indexing ☆130 · Jan 26, 2026 · Updated last month
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA ☆116 · Updated this week
- Active C2 IoCs ☆99 · Nov 28, 2022 · Updated 3 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems. ☆134 · Jan 31, 2022 · Updated 4 years ago
- Repository for scripts and tips for "Yara Scan Service" ☆20 · Feb 19, 2023 · Updated 3 years ago
- Malware Configuration Extraction Modules ☆51 · Nov 25, 2023 · Updated 2 years ago
- ☆35 · Oct 29, 2021 · Updated 4 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP ☆35 · Sep 18, 2023 · Updated 2 years ago