Alternatives and similar repositories for obfuscation-detection

Users that are interested in obfuscation-detection are comparing it to the libraries listed below

• marcusbotacin / Dropper
  Embed an executable as a PE resource, drops and launches it in runtime.
  ☆60Updated 3 years ago
• vmware-samples / tau-research
  The project will serve as a central repository for VMware Threat Analysis Unit (TAU) to share threat intelligence with the security commu…
  ☆17Updated 2 years ago
• stratosphereips / yara-rules
  Repository of Yara rules created by the Stratosphere team
  ☆26Updated 3 years ago
• errbody / DPRK-Research
  ☆36Updated 3 months ago
• ComodoSecurity / OpenEDRRules
  ☆12Updated 2 years ago
• n1ght-w0lf / Uchihash
  A small utility to deal with malware embedded hashes.
  ☆51Updated last year
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆83Updated last year
• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆61Updated last year
• peasead / windows-sandbox-to-elastic
  Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.
  ☆50Updated last year
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆30Updated 5 years ago
• malienist / vovk
  Vovk is framework of tools that include a WinDbg extension that generates in-depth YARA rules for malware.
  ☆22Updated 9 months ago
• JPCERTCC / Lazarus-research
  Lazarus analysis tools and research report
  ☆56Updated last year
• adava / CnCHunter
  This project fully automates the process of analyzing and exploiting IoT malware to find live CnC servers.
  ☆42Updated 10 months ago
• thewhiteninja / deobshell
  Powershell script deobfuscation using AST in Python
  ☆66Updated last year
• X-Junior / Malware-IDAPython-Scripts
  ☆22Updated last year
• OTRF / BHEU22-ADFS
  Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations
  ☆12Updated 2 years ago
• nasbench / SEDR-Internals
  Symantec EDR Internals
  ☆26Updated 3 years ago
• elastic / siglearn
  Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"
  ☆17Updated 4 months ago
• eremit4 / cs-discovery
  Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
  ☆22Updated 9 months ago
• xforcered / elfpack
  ELF Sectional docking payload injector system
  ☆21Updated 2 years ago
• n1ght-w0lf / MalwareAnalysis
  My malware analysis code snippets
  ☆27Updated last year
• CrowdStrike / embersim-databank
  Code for the paper "EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis"
  ☆29Updated last year
• elceef / yara-rulz
  Collection of generic YARA rules
  ☆16Updated 11 months ago
• deepinstinct / DeMotet
  Unpacking and decryption tools for the Emotet malware
  ☆46Updated 3 years ago
• airbus-cert / vbSparkle
  VBScript & VBA source-to-source deobfuscator with partial-evaluation
  ☆77Updated 10 months ago
• fox-it / cobaltstrike-beacon-data
  Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
  ☆125Updated 3 years ago
• lasq88 / MalwareAnalysis
  Malware Analysis tools
  ☆26Updated 8 months ago
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆53Updated last year
• 0xThiebaut / Signatures
  🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
  ☆21Updated last year
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago