ahhh / YARALinks
a collection of yara rules for binary analysis
☆24Updated 8 years ago
Alternatives and similar repositories for YARA
Users that are interested in YARA are comparing it to the libraries listed below
Sorting:
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- Resolves DLL API entrypoints for a process w/ remote query capabilities.☆56Updated 8 years ago
- simple plugin to detect shellcode on Bro IDS with Unicorn☆33Updated 8 years ago
- POC for IAT Parsing Payloads☆48Updated 8 years ago
- QEMU with rVMI extensions☆24Updated 8 years ago
- Analysis PE file or Shellcode☆50Updated 9 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago
- Automatically exported from code.google.com/p/malware-lu☆55Updated 6 years ago
- Mal Tindex is an Open Source tool for indexing binaries and help attributing malware campaigns☆67Updated 8 years ago
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans☆40Updated 6 years ago
- A Rekall interactive document for a Memory Analysis workshop/course.☆43Updated 8 years ago
- ☆68Updated 8 years ago
- IDATACO IDA Pro Plugin☆47Updated 9 years ago
- Framework to automatically test and explore the capabilities of generic AV engines☆69Updated 6 years ago
- A tool to generate yara signatures from function blocks☆19Updated 10 years ago
- officefileinfo is a python script to help analyse the newer Microsoft Office file formats. There are numerous tools for dealing with the …☆16Updated 9 years ago
- Static and automated/dynamic malware analysis☆47Updated 10 years ago
- API functions for Malware Research☆35Updated 6 years ago
- An automated collection and analysis of malware from my honeypots.☆25Updated 7 years ago
- Collection of my Python Scripts☆41Updated 5 years ago
- Sentinel is a command line tool able to protect Windows 32 bit programs against exploits targeted by attackers or viruses. It can protect…☆71Updated 11 years ago
- Command-line Interface for Binar.ly☆38Updated 8 years ago
- Yet another Python library to read and write PE/PE+ files.☆78Updated 9 years ago
- Portable utility to check if a machine has been infected by Shamoon2☆15Updated 8 years ago
- Malware Fragmentation Tool its a tool that simply fragment the PE file and it can disassemble the PE file, etc this tool very useful for…☆37Updated 9 years ago
- PAC HTTPS leak demo from DEF CON 24 'Toxic Proxies' talk☆30Updated 9 years ago
- ☆16Updated 10 years ago
- A collection of Volatility Framework plugins.☆26Updated 12 years ago
- Script to extract malicious payload and decoy document from CVE-2015-1641 exploit documents☆23Updated 8 years ago
- Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"☆27Updated 6 years ago