embee-research / Yara-detection-rulesLinks
Yara Rules for Modern Malware
☆79Updated last year
Alternatives and similar repositories for Yara-detection-rules
Users that are interested in Yara-detection-rules are comparing it to the libraries listed below
Sorting:
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- Simple PowerShell script to enable process scanning with Yara.☆96Updated 3 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- ShellSweeping the evil.☆53Updated last year
- Rules Shared by the Community from 100 Days of YARA 2023☆78Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated 2 years ago
- A proof-of-concept re-assembler for reverse VNC traffic.☆25Updated 2 years ago
- Default Detections for EDR☆96Updated last year
- Detection rule validation☆41Updated last year
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- A home for detection content developed by the delivr.to team☆72Updated 2 months ago
- Baseline a Windows System against LOLBAS☆68Updated last year
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆34Updated 3 months ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 10 months ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Updated 3 years ago
- Active C&C Detector☆156Updated 2 years ago
- ☆36Updated 2 years ago
- ☆82Updated 11 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆54Updated 10 months ago
- YARA rule analyzer to improve rule quality and performance☆104Updated 6 months ago
- ☆33Updated last year
- C2 Active Scanner☆60Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated 2 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Updated 3 years ago
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆35Updated 2 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆81Updated 2 weeks ago
- Quick ESXi Log Parser☆26Updated this week
- Linux #rootkit and #malware revealer☆28Updated last year