airbus-cert / dnYaraLinks
A multi-platform .Net wrapper library for the native Yara library.
☆38Updated last year
Alternatives and similar repositories for dnYara
Users that are interested in dnYara are comparing it to the libraries listed below
Sorting:
- Extract common Windows artifacts from source images and VSCs☆65Updated 4 years ago
- Parses the WMI object database....looking for persistence☆32Updated 5 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆37Updated 11 months ago
- Yet another registry parser☆132Updated 3 years ago
- VSCode extension for the YARA pattern matching language☆64Updated last year
- ☆217Updated 7 years ago
- Lnk file parser☆87Updated 3 weeks ago
- Random hunting ordiented yara rules☆97Updated 2 years ago
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing☆55Updated 6 years ago
- A rewrite of mactime, a bodyfile reader☆37Updated 10 months ago
- A simple utility to list all methods of a given .NET Assembly and to invoke them☆74Updated 3 years ago
- A repository that maps API calls to Sysmon Event ID's.☆122Updated 2 years ago
- A mapping of used malware names to commonly known family names☆62Updated 2 years ago
- ☆52Updated 6 years ago
- Registry Explorer bookmark definitions☆43Updated 6 months ago
- Decode security descriptors in $Secure on NTFS☆20Updated 3 years ago
- LNK to JSON☆14Updated 6 years ago
- Malware similarity platform with modularity in mind.☆78Updated 3 years ago
- Basic demo for Hidden Treasure talk.☆49Updated 7 years ago
- Binary commandline executable to parse ETL files☆67Updated 7 years ago
- .NET wrapper for libyara built in C++ CLI used to easily incorporate yara into .NET projects☆55Updated 10 months ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Updated 4 years ago
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- Invoke-LiveResponse☆148Updated 3 years ago
- ☆134Updated 6 years ago
- Parser for Windows PowerShell script block logs☆98Updated 10 months ago
- A repo to document API functions mapped to security events across diverse platforms☆75Updated 5 years ago
- Volatility plugins created by the author☆44Updated 9 years ago
- Sharing my BITS☆13Updated 7 years ago
- Theat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs☆42Updated 6 years ago