claroty / aryaLinks
Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.
☆259Updated 2 years ago
Alternatives and similar repositories for arya
Users that are interested in arya are comparing it to the libraries listed below
Sorting:
- A guide on how to write fast and memory friendly YARA rules☆154Updated 8 months ago
- ☆131Updated last year
- ☆226Updated 3 years ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆140Updated last year
- Automated YARA Rule Standardization and Quality Assurance Tool☆249Updated this week
- ☆210Updated 4 months ago
- Signatures and IoCs from public Volexity blog posts.☆359Updated 2 weeks ago
- ☆145Updated this week
- This repo is a collection of Ransomware reports from vendors, researchers, etc.☆119Updated 3 years ago
- ☆211Updated 4 months ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆170Updated 3 years ago
- Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.☆140Updated last month
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆182Updated 3 weeks ago
- Threat Hunting tool about Sysmon and graphs☆334Updated 2 years ago
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆367Updated 2 years ago
- YARA rule analyzer to improve rule quality and performance☆104Updated 6 months ago
- Collection of rules created using YARA-Signator over Malpedia☆140Updated 11 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆207Updated 3 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆107Updated 5 months ago
- Sigma rules from Joe Security☆224Updated 11 months ago
- Anything Sysmon related from the MSTIC R&D team☆156Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆248Updated 6 months ago
- #ThreatHunting #DFIR #Malware #Detection Mind Maps☆303Updated 3 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆226Updated 4 years ago
- A python script developed to process Windows memory images based on triage type.☆265Updated last year
- Live forensic artifacts collector☆172Updated last year
- Ransomware simulator written in Golang☆451Updated 3 years ago
- JPCERT/CC public YARA rules repository☆110Updated 10 months ago
- Active C2 IoCs☆99Updated 2 years ago
- Distributed malware processing framework based on Python, Redis and S3.☆443Updated 2 weeks ago