embee-research / Yara-detection-rulesLinks
Yara Rules for Modern Malware
☆79Updated last year
Alternatives and similar repositories for Yara-detection-rules
Users that are interested in Yara-detection-rules are comparing it to the libraries listed below
Sorting:
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- Simple PowerShell script to enable process scanning with Yara.☆98Updated 2 years ago
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- A proof-of-concept re-assembler for reverse VNC traffic.☆25Updated 2 years ago
- ShellSweeping the evil.☆53Updated last year
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- A home for detection content developed by the delivr.to team☆70Updated last month
- Default Detections for EDR☆96Updated last year
- Lazarus analysis tools and research report☆56Updated last year
- ☆36Updated 2 years ago
- Baseline a Windows System against LOLBAS☆68Updated last year
- ☆82Updated 10 months ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆90Updated last year
- Rules Shared by the Community from 100 Days of YARA 2023☆78Updated 2 years ago
- Active C&C Detector☆156Updated last year
- General Content☆26Updated last year
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆54Updated 9 months ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Updated 3 years ago
- YARA rule analyzer to improve rule quality and performance☆103Updated 5 months ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 9 months ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated 2 years ago
- C2 Active Scanner☆60Updated last year
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 4 months ago
- Detection rule validation☆41Updated last year
- ☆33Updated last year
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆34Updated 3 months ago
- ☆85Updated 2 years ago