Alternatives and similar repositories for yara

Users that are interested in yara are comparing it to the libraries listed below

• mattifestation / MSFTTraceMessageFormat
  All TMF files that I extracted from Microsoft PDBs.
  ☆12Updated 5 years ago
• Cisco-Talos / useful-tools
  ☆16Updated 2 years ago
• optiv / netneedle
  Network based steganography based control channels and chat.
  ☆8Updated 8 years ago
• ptoomey3 / Cisco-Group-Password-Decrypter
  Decrypts Cisco VPN Group Passwords
  ☆17Updated 13 years ago
• robertdavidgraham / mp4dec
  Prototype program to decode a video file looking for exploits/malware.
  ☆17Updated 4 years ago
• own2pwn / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆26Updated 6 years ago
• OSRDrivers / tunnel
  Demonstrate the behavior of the tunnel cache on Windows
  ☆10Updated 5 years ago
• sourcefrenchy / cryptopayload
  module for certexfil
  ☆15Updated 2 years ago
• wunderwuzzi23 / natty-slipstream
  Simplified NAT Slipstream server and client
  ☆22Updated 4 years ago
• VirusTotal / protoc-gen-yara
  Automatic generator of YARA modules based in protocol buffers
  ☆16Updated 4 months ago
• nsacyber / Driver-Collider
  Blocks drivers from loading by using a name collision technique. #nsacyber
  ☆49Updated 7 years ago
• 649 / EquationDrug
  The ORIGINAL decrypted copies of the Shadow Broker's equation_drug release. Contains Equation group's espionage DLL implants library. Use…
  ☆18Updated 7 years ago
• carnal0wnage / ApplicationWhitelistBypassTechniques
  A Catalog of Application Whitelisting Bypass Techniques
  ☆31Updated 10 years ago
• libyal / libhibr
  Library and tools to access the Windows Hibernation File (hiberfil.sys) format
  ☆13Updated 11 months ago
• Kevin-Robertson / Empire
  Empire is a pure PowerShell post-exploitation agent.
  ☆11Updated 8 years ago
• OpenVPN / openvpn-release-scripts
  Scripts for producing release artefacts and signing, pushing and verifyig them. Note: This is superseded by OpenVPN/openvpn-build.
  ☆10Updated 2 years ago
• Aaryan101 / sayhello
  Capturing audio (.wav) from target using a link
  ☆13Updated 5 years ago
• ZonkSec / indeed-recon-ng-script
  A recon-ng module for crawling Indeed.com for contacts and resumes.
  ☆12Updated 9 years ago
• reklatsmasters / dnscrypt
  dnscrypt - authenticated and encrypted dns client for nodejs
  ☆14Updated 4 years ago
• sensepost / casper
  Casper is a tiny system tray application that can be used to view the invisible windows on your desktop.
  ☆12Updated 8 years ago
• jeperez / windows-operating-system-archaeology
  windows-operating-system-archaeology @Enigma0x3 @subTee
  ☆45Updated 8 years ago
• log2timeline / dfimagetools
  Collection of tools for processing storage media images
  ☆14Updated 5 months ago
• ghidraninja / ghidra_source_rel
  Source distribution of the Ghidra software reverse engineering (SRE) framework https://www.nsa.gov/ghidra
  ☆9Updated 6 years ago
• hasherezade / udis86
  Disassembler Library for x86 and x86-64
  ☆8Updated 10 years ago
• frederikme / sandboxed
  Virtual machine detection. This is done by looking at registry keys, processes, files, internet access and specs such as disk storage, RA…
  ☆18Updated 3 years ago
• JohnTroony / PE-CodeCaving
  Work files for my blog post "Code Caving in a PE file.
  ☆16Updated 8 years ago
• DissectMalware / xlrd2
  xlrd2 is a variant of xlrd that is actively maintained
  ☆23Updated 10 months ago
• TamerPlatform / Packaging_Tools
  This repository contains various shell scripts and tips and tricks used for packaging androidtamer packages
  ☆11Updated 2 years ago
• apacketofsweets / Apollo
  A simple, lightweight Remote Access Tool written in Python
  ☆17Updated 6 years ago
• benyG / Invoke-Ngrok
  Expose local port of a remote victim over Internet
  ☆11Updated 5 years ago