A collection of my yara rules
☆34Jul 11, 2023Updated 2 years ago
Alternatives and similar repositories for yara-rules
Users that are interested in yara-rules are comparing it to the libraries listed below
Sorting:
- A collection of small scripts and tools for deobfuscation and malware analysis.☆67Mar 27, 2023Updated 2 years ago
- A tool that adds reproducible UUIDs to YARA rules☆13Apr 24, 2024Updated last year
- Placeholder for my detection repo and misc detection engineering content☆42Oct 20, 2023Updated 2 years ago
- Collection of generic YARA rules☆16Aug 17, 2025Updated 6 months ago
- ☆12Jun 6, 2025Updated 9 months ago
- Collection of rules created using YARA-Signator over Malpedia☆141Jan 6, 2026Updated 2 months ago
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆78Jan 26, 2026Updated last month
- ☆17Jan 22, 2026Updated last month
- Repository with selected IOCs and YARA rules for threat hunting.☆35May 21, 2025Updated 9 months ago
- Ghosting-AMSI☆18Apr 30, 2025Updated 10 months ago
- ☆22Mar 4, 2025Updated last year
- I have documented all of the AMSI patches that I learned till now☆73Nov 4, 2025Updated 4 months ago
- A tool to create randomly insecure file shares that also contain unsecured credential files☆49Feb 16, 2026Updated 3 weeks ago
- Unpacker and Config Extractor for managed Redline Stealer payloads☆42Feb 18, 2023Updated 3 years ago
- KoiVM,EazVM,AgileVM Patcher Por "Team Venturi77"☆18Aug 16, 2019Updated 6 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆46Feb 24, 2023Updated 3 years ago
- Documentation site for Velociraptor☆68Feb 27, 2026Updated last week
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- Top hashpwn rules☆20Dec 12, 2025Updated 2 months ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…☆85Aug 2, 2023Updated 2 years ago
- This repository regroups the Yara Rules for the Unprotect Project☆26Nov 19, 2020Updated 5 years ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 2 years ago
- Yet, Another Packer/Loader☆25Feb 26, 2023Updated 3 years ago
- This repository contains indicators of compromise (IOCs) of our various investigations.☆313Nov 4, 2025Updated 4 months ago
- Modular malware analysis artifact collection and correlation framework☆54Apr 23, 2024Updated last year
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆26Jul 21, 2022Updated 3 years ago
- ☆27Aug 18, 2023Updated 2 years ago
- Yara rules☆22Mar 27, 2023Updated 2 years ago
- Reverse-HTTP Redirector via DigitalOcean Apps Platform☆31Aug 16, 2023Updated 2 years ago
- A YARA Rule Performance Measurement Tool☆61Feb 26, 2024Updated 2 years ago
- A specification and style guide for YARA rules☆68Feb 17, 2024Updated 2 years ago
- A collaboration effort by the DFIR community to provide definitions (sometimes multiple) for common forensic terms!☆26Dec 1, 2022Updated 3 years ago
- My BloodHound custom queries☆26Jan 10, 2023Updated 3 years ago
- A cyber threat intelligence chatbot that ingested 2200+ reports from vx-underground.☆33Apr 1, 2024Updated last year
- A repository to share publicly available Velociraptor detection content☆196Updated this week
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks☆71Aug 14, 2021Updated 4 years ago
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).☆29Jun 14, 2022Updated 3 years ago
- ☆66Sep 1, 2023Updated 2 years ago