elastic / labs-releasesLinks
Elastic Security Labs releases
☆66Updated last week
Alternatives and similar repositories for labs-releases
Users that are interested in labs-releases are comparing it to the libraries listed below
Sorting:
- A guide on how to write fast and memory friendly YARA rules☆143Updated 3 months ago
- YARA rule analyzer to improve rule quality and performance☆101Updated last month
- Rules Shared by the Community from 100 Days of YARA 2023☆76Updated 2 years ago
- ☆69Updated 3 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆78Updated 2 weeks ago
- Collection of rules created using YARA-Signator over Malpedia☆129Updated 6 months ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated last year
- Rules shared by the community from 100 Days of YARA 2024☆85Updated 5 months ago
- JPCERT/CC public YARA rules repository☆106Updated 5 months ago
- ☆247Updated last year
- ☆130Updated this week
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- A specification and style guide for YARA rules☆48Updated last year
- Alternative YARA scanning engine☆70Updated 2 years ago
- Active C&C Detector☆154Updated last year
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates…☆64Updated last month
- yara detection rules for hunting with the threathunting-keywords project☆120Updated 3 weeks ago
- pySigma Elasticsearch backend☆53Updated last week
- ☆223Updated 4 months ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆104Updated 3 weeks ago
- Repository of Yara Rules☆111Updated last month
- Configuration Extractors for Malware☆106Updated last month
- Collection of scripts used to deobfuscate GOOTLOADER malware samples.☆62Updated 5 months ago
- Use YARA rules on Time Travel Debugging traces☆90Updated last year
- A C# based tool for analysing malicious OneNote documents☆113Updated 2 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆53Updated last year
- OSSEM Data Dictionaries☆60Updated 4 months ago
- File analysis and management framework.☆83Updated last year
- A pySigma wrapper to manage detection rules.☆39Updated this week
- Initial triage of Windows Event logs☆99Updated 11 months ago