Collection of my own detection rules
☆20Jan 6, 2026Updated 2 months ago
Alternatives and similar repositories for detection-rules
Users that are interested in detection-rules are comparing it to the libraries listed below
Sorting:
- ☆12Aug 16, 2024Updated last year
- My malware analysis code snippets☆28Jul 15, 2023Updated 2 years ago
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.☆76Jan 6, 2026Updated 2 months ago
- ☆23Dec 15, 2022Updated 3 years ago
- CLI tool to compute the TypeRefHash for .NET binaries.☆19Nov 10, 2021Updated 4 years ago
- A tool to help malware analysts signature unique parts of RTF documents☆28Jan 5, 2026Updated 2 months ago
- A repository to store community malware research notes and findings.☆15Feb 13, 2026Updated last month
- ☆15May 3, 2024Updated last year
- Steezy - Ghetto Yara Generation☆15Mar 27, 2023Updated 2 years ago
- UnpacMe IDA Byte Search☆29Nov 20, 2023Updated 2 years ago
- 蜜罐检测工具,支持自动化URL去重、多线程控制及智能速率限制。可识别伪装服务。☆16Jun 5, 2025Updated 9 months ago
- ☆20Jan 14, 2026Updated 2 months ago
- ☆18Mar 26, 2024Updated last year
- version 0.5.8☆18Jul 13, 2021Updated 4 years ago
- Streaming Unexpected Network Byte Sequences with High Probability of Blue Screening or Otherwise Crashing Attacker Command-and-Control No…☆22Jul 14, 2019Updated 6 years ago
- Simple GUI app to simplify manual string decryption with de4dot☆27Jan 25, 2022Updated 4 years ago
- Component Services Volatile Environment LPE☆12Jun 28, 2025Updated 8 months ago
- ☆13Dec 21, 2023Updated 2 years ago
- Work In Progress☆10Jul 10, 2024Updated last year
- XOrCryptEx lightweight C Utility/Algorithm☆11Mar 3, 2022Updated 4 years ago
- Malware Configuration Extraction Modules☆51Nov 25, 2023Updated 2 years ago
- CodeHawk Binary Analyzer for malware analysis and general reverse engineering☆39Mar 4, 2026Updated 2 weeks ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆207Sep 20, 2025Updated 6 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆125Jul 12, 2024Updated last year
- C & Shellcode Playground..☆10Dec 2, 2017Updated 8 years ago
- Rules shared by the community from 100 Days of YARA 2024☆89Jan 1, 2025Updated last year
- Incident Response Collections☆11Jul 24, 2018Updated 7 years ago
- Windows 10/11 unsigned kernel driver load/debugging☆19Feb 17, 2023Updated 3 years ago
- FAUCET is an OpenFlow controller for multi table OpenFlow 1.3 switches, that implements layer 2 switching, VLANs, ACLs, and layer 3 IPv4 …☆14Nov 18, 2019Updated 6 years ago
- Zerokit shared code☆17Mar 28, 2019Updated 6 years ago
- DUQU MALWARE SOURCE + BINARY + More coming☆13Feb 6, 2023Updated 3 years ago
- ALPChecker - a tool to detect spoofing and blinding attacks on the ALPC interaction☆13Feb 13, 2023Updated 3 years ago
- ☆13Sep 22, 2022Updated 3 years ago
- Results of a recent FOIA for NIST documents related to the design of Dual EC DRBG. Via EFF and Rep. Grayson's office. See README for deta…☆24Feb 10, 2015Updated 11 years ago
- Display Languages Volatile Environment LPE☆12Jun 28, 2025Updated 8 months ago
- UEFI bootkit: Hardware Implant. In-Progress☆15Mar 7, 2022Updated 4 years ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆132Nov 25, 2023Updated 2 years ago
- ☆14Dec 24, 2023Updated 2 years ago
- BYOVD collection☆24Mar 20, 2024Updated 2 years ago