cod3nym/detection-rules external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

cod3nym/detection-rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cod3nym/detection-rules)

Close

cod3nym / detection-rulesView on GitHubMore

• External links
• Readme badge

Collection of my own detection rules

☆20Jan 6, 2026Updated 4 months ago

Alternatives and similar repositories for detection-rules

Users that are interested in detection-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• RussianPanda95 / russianpanda95.github.io

  View on GitHub
  ☆12Aug 16, 2024Updated last year
• n1ght-w0lf / MalwareAnalysis

  View on GitHub
  My malware analysis code snippets
  ☆28Jul 15, 2023Updated 2 years ago
• 100DaysofYARA / 2022

  View on GitHub
  ☆23Dec 15, 2022Updated 3 years ago
• GDATASoftwareAG / TypeRefHasher

  View on GitHub
  CLI tool to compute the TypeRefHash for .NET binaries.
  ☆19Nov 10, 2021Updated 4 years ago
• PwCUK-CTO / rtfsig

  View on GitHub
  A tool to help malware analysts signature unique parts of RTF documents
  ☆28Jan 5, 2026Updated 4 months ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• Invoke-RE / community-malware-research

  View on GitHub
  A repository to store community malware research notes and findings.
  ☆15Feb 13, 2026Updated 3 months ago
• schrodyn / steezy

  View on GitHub
  Steezy - Ghetto Yara Generation
  ☆15Mar 27, 2023Updated 3 years ago
• OALabs / UnpacMe-IDA-Byte-Search

  View on GitHub
  UnpacMe IDA Byte Search
  ☆29Nov 20, 2023Updated 2 years ago
• ACE-Responder / rpcfirewall-extended-telemetry

  View on GitHub
  ☆16May 3, 2024Updated 2 years ago
• qianniaoge / Honeypot-Detection

  View on GitHub
  蜜罐检测工具，支持自动化URL去重、多线程控制及智能速率限制。可识别伪装服务。
  ☆16Jun 5, 2025Updated 11 months ago
• wetw0rk / wetw0rk.github.io

  View on GitHub
  ☆20Jan 14, 2026Updated 4 months ago
• matthw / malware_analysis

  View on GitHub
  ☆18Mar 26, 2024Updated 2 years ago
• huds0nx / dumbassembly

  View on GitHub
  version 0.5.8
  ☆18Jul 13, 2021Updated 4 years ago
• stvemillertime / Absolutely-Positively-NOT-Hacking-Back-with-Pcap

  View on GitHub
  Streaming Unexpected Network Byte Sequences with High Probability of Blue Screening or Otherwise Crashing Attacker Command-and-Control No…
  ☆22Jul 14, 2019Updated 6 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• the2dl / chronicle_detection_public

  View on GitHub
  Public Chronicle Detection Rules
  ☆12Apr 25, 2023Updated 3 years ago
• dr4k0nia / de4dot_gui

  View on GitHub
  Simple GUI app to simplify manual string decryption with de4dot
  ☆26Jan 25, 2022Updated 4 years ago
• bytecode77 / component-services-privilege-escalation

  View on GitHub
  Component Services Volatile Environment LPE
  ☆12Jun 28, 2025Updated 10 months ago
• substing / CVE-2020-24186_reverse_shell_upload

  View on GitHub
  ☆13Dec 21, 2023Updated 2 years ago
• shalomc / bhasia2025

  View on GitHub
  BlackHat Asia 2025 code and presentations
  ☆17Apr 13, 2025Updated last year
• Lima-X / XOrCryptEx

  View on GitHub
  XOrCryptEx lightweight C Utility/Algorithm
  ☆13Mar 3, 2022Updated 4 years ago
• Konloch / Antivirus

  View on GitHub
  Work In Progress
  ☆10Jul 10, 2024Updated last year
• c3rb3ru5d3d53c / mwcfg-modules

  View on GitHub
  Malware Configuration Extraction Modules
  ☆50Nov 25, 2023Updated 2 years ago
• static-analysis-engineering / CodeHawk-Binary

  View on GitHub
  CodeHawk Binary Analyzer for malware analysis and general reverse engineering
  ☆40Apr 24, 2026Updated 3 weeks ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• loneicewolf / exp312-osmr

  View on GitHub
  My Preparations for the "macOS Control Bypasses (EXP-312-osmr)" Course By OffensiveSecurity.
  ☆25Sep 22, 2021Updated 4 years ago
• Unprotect-Project / Unprotect_Submission

  View on GitHub
  Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…
  ☆207Mar 30, 2026Updated last month
• YoavLevi / IAT-Tracer

  View on GitHub
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆126Jul 12, 2024Updated last year
• mantvydasb / c-playground

  View on GitHub
  C & Shellcode Playground..
  ☆10Dec 2, 2017Updated 8 years ago
• 100DaysofYARA / 2024

  View on GitHub
  Rules shared by the community from 100 Days of YARA 2024
  ☆90Jan 1, 2025Updated last year
• SecWiki / Incident-Response-Collections

  View on GitHub
  Incident Response Collections
  ☆11Jul 24, 2018Updated 7 years ago
• Soju06 / kernelLoader

  View on GitHub
  Windows 10/11 unsigned kernel driver load/debugging
  ☆20Feb 17, 2023Updated 3 years ago
• eclipsesrcool / faucet

  View on GitHub
  FAUCET is an OpenFlow controller for multi table OpenFlow 1.3 switches, that implements layer 2 switching, VLANs, ACLs, and layer 3 IPv4 …
  ☆14Nov 18, 2019Updated 6 years ago
• Darkabode / 0lib

  View on GitHub
  Zerokit shared code
  ☆18Mar 28, 2019Updated 7 years ago
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• loneicewolf / DUQU

  View on GitHub
  DUQU MALWARE SOURCE + BINARY + More coming
  ☆14Feb 6, 2023Updated 3 years ago
• ComodoSecurity / OpenEDRRules

  View on GitHub
  ☆13Sep 22, 2022Updated 3 years ago
• matthewdgreen / nistfoia

  View on GitHub
  Results of a recent FOIA for NIST documents related to the design of Dual EC DRBG. Via EFF and Rep. Grayson's office. See README for deta…
  ☆24Feb 10, 2015Updated 11 years ago
• bytecode77 / display-languages-privilege-escalation

  View on GitHub
  Display Languages Volatile Environment LPE
  ☆12Jun 28, 2025Updated 10 months ago
• benheise / bootkit

  View on GitHub
  UEFI bootkit: Hardware Implant. In-Progress
  ☆15Mar 7, 2022Updated 4 years ago
• c3rb3ru5d3d53c / mwcfg

  View on GitHub
  A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck
  ☆131Nov 25, 2023Updated 2 years ago
• oldoldman / iSCSI_ctl

  View on GitHub
  an iSCSI demo driver for Windows
  ☆12Sep 21, 2015Updated 10 years ago