dmknght / rkcheck
A malware scanner with Yara and ClamAV binding
☆12 Updated 3 months ago
Alternatives and similar repositories for rkcheck:
Users that are interested in rkcheck are comparing it to the libraries listed below
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! ☆82 Updated last year
- Use YARA rules on Time Travel Debugging traces ☆88 Updated last year
- Repository of Yara Rules ☆103 Updated last month
- ☆34 Updated last month
- Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches. ☆61 Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆114 Updated 8 months ago
- Powershell Linter ☆50 Updated this week
- shared samples from #dailyphish and/or #apt tweets ☆37 Updated 2 weeks ago
- Imphash-like calculation on Golang binaries ☆49 Updated 2 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers ☆62 Updated 2 years ago
- A collection of modules and scripts to help with analyzing Nim binaries ☆73 Updated 5 months ago
- ETW based POC to identify direct and indirect syscalls ☆181 Updated last year
- Yara Rules for Modern Malware ☆75 Updated last year
- Powershell script deobfuscation using AST in Python ☆65 Updated last year
- A tool that automates regex generation for the x86 and x86-64 instruction sets ☆70 Updated 11 months ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation ☆75 Updated 7 months ago
- Reads and prints information from the website MalAPI.io ☆19 Updated 2 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin… ☆44 Updated 2 years ago
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors. ☆118 Updated 3 months ago
- Elastic Security Labs releases ☆61 Updated last week
- Collection of rules created using YARA-Signator over Malpedia ☆126 Updated 4 months ago
- A robust, multiprocessing-capable, multi-family RAT config parser/config extractor for AsyncRAT, DcRAT, VenomRAT, QuasarRAT, XWorm, Xeno … ☆43 Updated this week
- Malware Analysis tools ☆26 Updated 6 months ago
- ☆51 Updated 5 months ago
- ☆39 Updated last year
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner. ☆207 Updated last year
- Linpmem is a linux memory acquisition tool ☆79 Updated 10 months ago
- Rules Shared by the Community from 100 Days of YARA 2023 ☆76 Updated last year
- Alternative YARA scanning engine ☆70 Updated 2 years ago
- Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences" ☆17 Updated last month