claroty / aryaLinks
Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.
☆258Updated 2 years ago
Alternatives and similar repositories for arya
Users that are interested in arya are comparing it to the libraries listed below
Sorting:
- ☆226Updated 3 years ago
- A guide on how to write fast and memory friendly YARA rules☆152Updated 7 months ago
- Signatures and IoCs from public Volexity blog posts.☆356Updated 3 weeks ago
- ☆130Updated last year
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆138Updated last year
- Automated YARA Rule Standardization and Quality Assurance Tool☆245Updated this week
- ☆144Updated 2 months ago
- ☆211Updated 3 months ago
- Anything Sysmon related from the MSTIC R&D team☆156Updated last year
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆170Updated 2 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆106Updated 4 months ago
- YARA rule analyzer to improve rule quality and performance☆103Updated 5 months ago
- ☆212Updated 4 months ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆181Updated 2 months ago
- Threat Hunting tool about Sysmon and graphs☆334Updated 2 years ago
- A python script developed to process Windows memory images based on triage type.☆265Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆205Updated 3 years ago
- Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.☆140Updated 3 weeks ago
- This repo is a collection of Ransomware reports from vendors, researchers, etc.☆119Updated 3 years ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆289Updated 2 years ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆248Updated 6 months ago
- ☆513Updated 11 months ago
- #ThreatHunting #DFIR #Malware #Detection Mind Maps☆302Updated 3 years ago
- Collection of private Yara rules.☆368Updated this week
- Collection of rules created using YARA-Signator over Malpedia☆135Updated 10 months ago
- Elastic Security Labs releases☆82Updated 3 months ago
- Sigma rules from Joe Security☆221Updated 11 months ago
- PCAP visualization tool☆103Updated 2 years ago
- Cobalt Strike Beacon configuration extractor and parser.☆156Updated 4 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆226Updated 4 years ago