airbus-cert / dnYaraLinks
A multi-platform .Net wrapper library for the native Yara library.
☆38Updated last year
Alternatives and similar repositories for dnYara
Users that are interested in dnYara are comparing it to the libraries listed below
Sorting:
- Parses the WMI object database....looking for persistence☆31Updated 5 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆36Updated 10 months ago
- Command line access to the Registry☆147Updated 3 weeks ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 8 years ago
- Extract common Windows artifacts from source images and VSCs☆65Updated 4 years ago
- Yet another registry parser☆132Updated 3 years ago
- VSCode extension for the YARA pattern matching language☆64Updated last year
- Lnk file parser☆87Updated last week
- ☆216Updated 7 years ago
- Registry Explorer bookmark definitions☆43Updated 5 months ago
- Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.☆113Updated 4 months ago
- .NET wrapper for libyara built in C++ CLI used to easily incorporate yara into .NET projects☆54Updated 9 months ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Updated 4 years ago
- PowerShell Module for the Antimalware Scan Interface (AMSI)☆25Updated 8 years ago
- ☆66Updated 3 weeks ago
- Extract compressed memory pages from page-aligned data☆45Updated 6 years ago
- A repository that maps API calls to Sysmon Event ID's.☆121Updated 2 years ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆85Updated last month
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.☆56Updated 3 years ago
- A simple utility to list all methods of a given .NET Assembly and to invoke them☆74Updated 3 years ago
- Extension blocks as found in ShellBags and other places in the Registry☆24Updated 4 months ago
- PowerShell No Agent Hunting☆110Updated 7 years ago
- Documentation and supporting script sample for Windows Exploit Guard☆156Updated 3 years ago
- Log newly created WMI consumers and processes to the Windows Application event log☆124Updated 7 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Updated 6 years ago
- Full featured, offline Registry parser in C#☆230Updated 4 months ago
- Decode security descriptors in $Secure on NTFS☆20Updated 3 years ago
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing☆55Updated 6 years ago
- ☆52Updated 6 years ago