Use YARA rules on Time Travel Debugging traces
☆97Jul 11, 2023Updated 2 years ago
Alternatives and similar repositories for yara-ttd
Users that are interested in yara-ttd are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Tools for offensive security of NetBackup infrastructures☆48Jun 6, 2023Updated 3 years ago
- Extract data of TTD trace file to a minidump☆31Jul 31, 2023Updated 2 years ago
- Powershell/Javascript deobfuscator based on tree-sitter☆98Jun 23, 2026Updated 2 weeks ago
- A program to read and modify the memory of other processes.☆20May 19, 2023Updated 3 years ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆81Aug 7, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Automatically generate AV byte signatures from sets of similar binaries.☆289May 4, 2026Updated 2 months ago
- This tool calculates tricky canonical huffman histogram for CVE-2023-4863.☆25Dec 20, 2023Updated 2 years ago
- Bindings for Microsoft WinDBG TTD☆242Aug 5, 2023Updated 2 years ago
- ☆17Jun 30, 2020Updated 6 years ago
- Python tool to check rootkits in Windows kernel☆210Aug 20, 2025Updated 10 months ago
- Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance.☆15May 12, 2023Updated 3 years ago
- ☆89Feb 12, 2025Updated last year
- Time Travel Debugging IDA plugin☆597Jun 27, 2024Updated 2 years ago
- Windows Kernel Mode PCRE☆10Feb 4, 2015Updated 11 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Rust binding for Keystone assembler framework☆11Dec 9, 2018Updated 7 years ago
- PoC compilation of libyara into WASM, for potential future CyberChef integration☆14Sep 18, 2022Updated 3 years ago
- Official VirusTotal plugin for IDA Pro☆177Feb 4, 2026Updated 5 months ago
- ☆21Oct 4, 2015Updated 10 years ago
- Lightweight WINAPI tracing with Pin☆27Aug 22, 2019Updated 6 years ago
- 一款linux下的安全产品目的是满足个人安全需求有SSH爆破防护和SYN攻击扫描 防护功能,基于netfilter,☆23Dec 2, 2023Updated 2 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆30Oct 7, 2022Updated 3 years ago
- Rules Shared by the Community from 100 Days of YARA 2023☆78Apr 12, 2023Updated 3 years ago
- 基于UC的启发式杀毒引擎[还没做完]☆35Mar 28, 2021Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- 关于intel和amd指令行为不一样这件事☆56Apr 15, 2022Updated 4 years ago
- ☆23Dec 15, 2022Updated 3 years ago
- POC for CVE-2023-29360☆11Aug 31, 2024Updated last year
- Reviews and tests of security products☆17Dec 28, 2024Updated last year
- Blogpost about optimizing binary-only fuzzing with AFL++☆69Oct 7, 2023Updated 2 years ago
- A python library for generate ida pro files (*.idb/*.i64) in batch mode & compare executable files use bindiff in batch mode.☆32Jul 9, 2025Updated last year
- An eBPF detection program for CVE-2022-0847☆29Jul 5, 2022Updated 4 years ago
- IDA Pro plugin for recognizing known hashes of API function names☆82May 12, 2022Updated 4 years ago
- The hidden mstsc recorder player☆27Mar 9, 2020Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Suricata rules to detect Winnti communication☆16Mar 5, 2018Updated 8 years ago
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…☆21Sep 6, 2022Updated 3 years ago
- Summarize CTI reports with OpenAI☆18Jun 15, 2026Updated 3 weeks ago
- A Rust crate for parsing Windows user minidumps.☆41May 13, 2026Updated last month
- A ProcessMonitor visualization application written in rust.☆182Aug 6, 2023Updated 2 years ago
- Structured Bindings Pack - serialize C++ structs into MessagePack binary form☆22Nov 4, 2020Updated 5 years ago
- A Windows kernel dump C++ parser library with Python 3 bindings.☆212Oct 5, 2025Updated 9 months ago