airbus-cert / minusoneLinks
Powershell Linter
☆84Updated 3 weeks ago
Alternatives and similar repositories for minusone
Users that are interested in minusone are comparing it to the libraries listed below
Sorting:
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated 2 years ago
- Yara Rules for Modern Malware☆79Updated last year
- Configuration Extractors for Malware☆117Updated 6 months ago
- ☆114Updated 3 months ago
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆72Updated 2 months ago
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆45Updated 2 years ago
- Repository of Yara Rules☆123Updated last month
- a tiny program to consume from ETW providers for research☆52Updated 9 months ago
- A ProcessMonitor visualization application written in rust.☆184Updated 2 years ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆80Updated last year
- ☆242Updated 4 months ago
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.☆62Updated 4 months ago
- ☆82Updated 11 months ago
- ☆179Updated 6 months ago
- Use YARA rules on Time Travel Debugging traces☆94Updated 2 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆112Updated 4 years ago
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…☆68Updated 2 years ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆128Updated last week
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…☆38Updated 2 years ago
- A golang CLI tool to download malware from a variety of sources.☆150Updated 3 months ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆39Updated 8 months ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated this week
- ☆109Updated last month
- Linux #rootkit and #malware revealer☆28Updated last year
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆90Updated last year
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆37Updated last month
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆165Updated last year
- ☆27Updated 10 months ago