bi-zone / etw
Go library for ETW (Event Tracing for Windows) events processing
☆59, updated 2 years ago

Related projects:
- endpoint detection / live analysis & sandbox host / signatures quality test (☆41, updated 3 years ago)
- Golang Parser for Microsoft Event Logs (☆96, updated last month)
- A Go implementation and parser for Sigma rules. (☆82, updated 2 weeks ago)
- Signature engine for all your logs (☆156, updated 10 months ago)
- Go implementation of an Extensible Storage Engine parser (☆26, updated 7 months ago)
- Golang parser for OLE files (☆31, updated 3 months ago)
- Golang library that implements a sigma log rule parser and match engine. (☆89, updated 2 months ago)
- Alternative YARA scanning engine (☆66, updated 2 years ago)
- A golang implementation of a prefetch parser. (☆19, updated last week)
- A guide on how to write fast and memory friendly YARA rules (☆123, updated last year)
- APIs for generating STIX 2.1 and TAXII 2.1 messages with Go (Golang) (☆51, updated last year)
- A Go implementation of JARM (☆119, updated 2 years ago)
- YARA rule metadata specification and validation utility / Specification and validation for YARA rules (☆93, updated 2 weeks ago)
- gyp: A pure Go YARA parser (☆98, updated 6 months ago)
- A repository that maps API calls to Sysmon Event IDs. (☆116, updated last year)
- YARA rule analyzer to improve rule quality and performance (☆93, updated 9 months ago)
- Fork of pkg/debug that adds some additional functionality. (☆116, updated 6 months ago)
- Use YARA rules on Time Travel Debugging traces (☆86, updated last year)
- SysmonX - An Augmented Drop-In Replacement of Sysmon (☆206, updated 5 years ago)
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022) (☆122, updated 2 years ago)
- Windows Task Scheduler Library for Go (☆136, updated last week)
- Collect autorun records from running system (☆59, updated 2 years ago)
- Imphash-like calculation on Golang binaries (☆48, updated 2 years ago)
- Jupyter Notebooks for Cyber Threat Intelligence (☆35, updated last year)
- Build a local copy of MITRE ATT&CK and CAPEC. Server mode for easy querying. (☆29, updated this week)
- An NTFS file parser in Go (☆64, updated last month)
- Elastic Security Labs releases (☆46, updated 3 weeks ago)