Notes and IoCs of fresh malware
☆62Jul 5, 2024Updated last year
Alternatives and similar repositories for malware-notes
Users that are interested in malware-notes are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Scripts, Yara rules and other files developed during malware investigations☆27Aug 19, 2022Updated 3 years ago
- A collection of my public YARA signatures for various malware families☆30Sep 20, 2024Updated last year
- Tracking APT IOCs☆25Nov 16, 2020Updated 5 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Jun 11, 2020Updated 5 years ago
- ☆10Oct 1, 2016Updated 9 years ago
- Yara rules written by me, for free use.☆20Nov 26, 2021Updated 4 years ago
- Personal research and publication on malware families☆142Dec 28, 2024Updated last year
- Malware development: persistence - part 1: startup folder registry keys. C++ implementation☆12Apr 21, 2022Updated 3 years ago
- This directory contains random scripts from threat hunting or malware research☆11Feb 15, 2018Updated 8 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Jan 6, 2021Updated 5 years ago
- ☆10Apr 2, 2022Updated 3 years ago
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆121Mar 4, 2026Updated 3 weeks ago
- Latest muhstik release (4.2.2)☆10Mar 25, 2014Updated 12 years ago
- ☆10Mar 29, 2022Updated 3 years ago
- Provides a multi-platform Graphical User Interface for hashlookup☆12Jul 12, 2024Updated last year
- Double pulsar tool of NSA leaked by SHADOW BROKERS☆15Jun 16, 2017Updated 8 years ago
- Detect-X Automated Threat Detection by AI☆32Oct 10, 2019Updated 6 years ago
- ☆96May 5, 2025Updated 10 months ago
- ☆21Apr 19, 2024Updated last year
- A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.☆24Dec 8, 2022Updated 3 years ago
- DNS Misconfiguration : S0x4 - Same Site Scripting Scanner☆15Jan 20, 2021Updated 5 years ago
- Collection of YARA signatures from individual research☆44Nov 20, 2023Updated 2 years ago
- NSA-Proof Secure P2P Chat client☆11Jul 15, 2015Updated 10 years ago
- Script to pull newly-registered domains and check for similarity against a provided word list.☆13Aug 2, 2020Updated 5 years ago
- No longer maintained. Timing attacks on a browsers cache to try to predict websites/subreddits that have been viewed☆13Mar 26, 2022Updated 3 years ago
- CVE-2022-24734 PoC☆48May 8, 2022Updated 3 years ago
- Ransomware simulation script written in PowerShell. Useful for testing your defenses and backups against real ransomware-like activity in…☆240Oct 14, 2024Updated last year
- CAPE core and community parsers☆18Feb 9, 2026Updated last month
- A guide on how to write fast and memory friendly YARA rules☆167Feb 11, 2025Updated last year
- 威胁检测规则集☆15Jul 5, 2019Updated 6 years ago
- A hands-on workshop to learn how to do threat detection and response in AWS.☆11Sep 13, 2021Updated 4 years ago
- Bypass AntiVirus with Python and Metasploit using shellcode☆11Mar 25, 2016Updated 10 years ago
- The NSA wants access to your all your data, might as well make it easier for them to access the backend of your WordPress install. When …☆27Nov 2, 2016Updated 9 years ago
- Reverse engineered source code of the autochk rootkit☆210Nov 1, 2019Updated 6 years ago
- Suricata rules to detect Winnti communication☆16Mar 5, 2018Updated 8 years ago
- Cyber Threats Detection Rules☆14Sep 16, 2025Updated 6 months ago
- Helping to automate payload development, testing, Opsec checking, beacon tasking, and deployment for Cobalt Strike☆51Jun 18, 2022Updated 3 years ago
- FETB : Take URL of File For Analysis using File + ExifTool + Binwalk Commands☆20Feb 2, 2021Updated 5 years ago
- ☆18Sep 13, 2021Updated 4 years ago