cod3nym/detection-rules external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

cod3nym/detection-rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cod3nym/detection-rules)

Close

cod3nym / detection-rulesView on GitHubMore

• External links
• Readme badge

Collection of my own detection rules

☆20Jan 6, 2026Updated 3 months ago

Alternatives and similar repositories for detection-rules

Users that are interested in detection-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• RussianPanda95 / russianpanda95.github.io

  View on GitHub
  ☆12Aug 16, 2024Updated last year
• n1ght-w0lf / MalwareAnalysis

  View on GitHub
  My malware analysis code snippets
  ☆28Jul 15, 2023Updated 2 years ago
• malpedia / malpedia-flossed

  View on GitHub
  FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.
  ☆77Jan 6, 2026Updated 3 months ago
• GDATASoftwareAG / TypeRefHasher

  View on GitHub
  CLI tool to compute the TypeRefHash for .NET binaries.
  ☆19Nov 10, 2021Updated 4 years ago
• PwCUK-CTO / rtfsig

  View on GitHub
  A tool to help malware analysts signature unique parts of RTF documents
  ☆28Jan 5, 2026Updated 3 months ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• montysecurity / YaraMonitor

  View on GitHub
  Framework for Monitoring File Ingestion Source for Yara Matches
  ☆50Mar 10, 2025Updated last year
• ACE-Responder / rpcfirewall-extended-telemetry

  View on GitHub
  ☆15May 3, 2024Updated last year
• schrodyn / steezy

  View on GitHub
  Steezy - Ghetto Yara Generation
  ☆15Mar 27, 2023Updated 3 years ago
• OALabs / UnpacMe-IDA-Byte-Search

  View on GitHub
  UnpacMe IDA Byte Search
  ☆28Nov 20, 2023Updated 2 years ago
• buzzer-re / eqfunc

  View on GitHub
  Discover similar functions structures in binaries using graph theory.
  ☆21Oct 14, 2021Updated 4 years ago
• wetw0rk / wetw0rk.github.io

  View on GitHub
  ☆20Jan 14, 2026Updated 2 months ago
• matthw / malware_analysis

  View on GitHub
  ☆18Mar 26, 2024Updated 2 years ago
• huds0nx / dumbassembly

  View on GitHub
  version 0.5.8
  ☆18Jul 13, 2021Updated 4 years ago
• stvemillertime / Absolutely-Positively-NOT-Hacking-Back-with-Pcap

  View on GitHub
  Streaming Unexpected Network Byte Sequences with High Probability of Blue Screening or Otherwise Crashing Attacker Command-and-Control No…
  ☆22Jul 14, 2019Updated 6 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• dr4k0nia / de4dot_gui

  View on GitHub
  Simple GUI app to simplify manual string decryption with de4dot
  ☆27Jan 25, 2022Updated 4 years ago
• bytecode77 / component-services-privilege-escalation

  View on GitHub
  Component Services Volatile Environment LPE
  ☆12Jun 28, 2025Updated 9 months ago
• shalomc / bhasia2025

  View on GitHub
  BlackHat Asia 2025 code and presentations
  ☆18Apr 13, 2025Updated 11 months ago
• Lima-X / XOrCryptEx

  View on GitHub
  XOrCryptEx lightweight C Utility/Algorithm
  ☆13Mar 3, 2022Updated 4 years ago
• c3rb3ru5d3d53c / mwcfg-modules

  View on GitHub
  Malware Configuration Extraction Modules
  ☆51Nov 25, 2023Updated 2 years ago
• loneicewolf / exp312-osmr

  View on GitHub
  My Preparations for the "macOS Control Bypasses (EXP-312-osmr)" Course By OffensiveSecurity.
  ☆25Sep 22, 2021Updated 4 years ago
• Unprotect-Project / Unprotect_Submission

  View on GitHub
  Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…
  ☆207Mar 30, 2026Updated last week
• YoavLevi / IAT-Tracer

  View on GitHub
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆125Jul 12, 2024Updated last year
• SecWiki / Incident-Response-Collections

  View on GitHub
  Incident Response Collections
  ☆11Jul 24, 2018Updated 7 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• Soju06 / kernelLoader

  View on GitHub
  Windows 10/11 unsigned kernel driver load/debugging
  ☆19Feb 17, 2023Updated 3 years ago
• eclipsesrcool / faucet

  View on GitHub
  FAUCET is an OpenFlow controller for multi table OpenFlow 1.3 switches, that implements layer 2 switching, VLANs, ACLs, and layer 3 IPv4 …
  ☆14Nov 18, 2019Updated 6 years ago
• loneicewolf / DUQU

  View on GitHub
  DUQU MALWARE SOURCE + BINARY + More coming
  ☆14Feb 6, 2023Updated 3 years ago
• AnastasiKro / ALPChecker

  View on GitHub
  ALPChecker - a tool to detect spoofing and blinding attacks on the ALPC interaction
  ☆13Feb 13, 2023Updated 3 years ago
• matthewdgreen / nistfoia

  View on GitHub
  Results of a recent FOIA for NIST documents related to the design of Dual EC DRBG. Via EFF and Rep. Grayson's office. See README for deta…
  ☆24Feb 10, 2015Updated 11 years ago
• bytecode77 / display-languages-privilege-escalation

  View on GitHub
  Display Languages Volatile Environment LPE
  ☆12Jun 28, 2025Updated 9 months ago
• c3rb3ru5d3d53c / mwcfg

  View on GitHub
  A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck
  ☆132Nov 25, 2023Updated 2 years ago
• R41N3RZUF477 / CVE-2023-41772

  View on GitHub
  ☆14Dec 24, 2023Updated 2 years ago
• florianib / rusty_drivers

  View on GitHub
  BYOVD collection
  ☆24Mar 20, 2024Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• JCSteiner / SGCC---public

  View on GitHub
  Command and Control Framework using powershell implants
  ☆36Jun 17, 2025Updated 9 months ago
• jymcheong / OpenEDR

  View on GitHub
  Renamed to Free EDR to avoid confusion with Comodo's project
  ☆26May 29, 2023Updated 2 years ago
• Captain-FLAM / PERFECTwall

  View on GitHub
  The first 100% open-source Firewall for Windows 8/10/11 based on domain names !
  ☆11Jul 6, 2022Updated 3 years ago
• zillya / avenginesdk

  View on GitHub
  Antivirus engine that allows you to create your own anti-virus
  ☆11Nov 2, 2012Updated 13 years ago
• m3rcer / IRvana

  View on GitHub
  Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution
  ☆132Dec 24, 2025Updated 3 months ago
• RandomRhythm / YARA_Rules_Util

  View on GitHub
  YARA duplicate rule detection and removal. YARA rule index creation. YARA rule file merger.
  ☆10Jan 19, 2026Updated 2 months ago
• malpedia / signator-rules

  View on GitHub
  Collection of rules created using YARA-Signator over Malpedia
  ☆143Jan 6, 2026Updated 3 months ago