fr0gger / unprotectLinks
Unprotect is a python tool for parsing PE malware and extract evasion techniques.
☆119Updated 2 years ago
Alternatives and similar repositories for unprotect
Users that are interested in unprotect are comparing it to the libraries listed below
Sorting:
- Malware Configuration Extraction Modules☆51Updated last year
- Capa analysis importer for Ghidra.☆62Updated 4 years ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆131Updated last year
- Malware similarity platform with modularity in mind.☆78Updated 4 years ago
- Userland API monitor for threat hunting☆58Updated 5 years ago
- Various capabilities for static malware analysis.☆78Updated 11 months ago
- A golang CLI tool to download malware from a variety of sources.☆149Updated last month
- A curated list of malware repositories, trackers and malware analysis tools☆86Updated 2 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆38Updated 2 years ago
- Automatic YARA rule generation for Malpedia☆161Updated 2 years ago
- Unpacking and decryption tools for the Emotet malware☆45Updated 3 years ago
- Random hunting ordiented yara rules☆97Updated 2 years ago
- TA505 unpacker Python 2.7☆47Updated 5 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆106Updated 3 months ago
- A small utility to deal with malware embedded hashes.☆52Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- ☆27Updated 3 years ago
- ☆106Updated last year
- VirusTotal Intelligence Search☆38Updated 5 years ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 3 years ago
- Standardized Malware Analysis Tool☆53Updated 4 years ago
- API Logger for Windows Executables☆78Updated 4 years ago
- The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.☆56Updated 4 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆139Updated 2 years ago
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- Python based CLI for MalwareBazaar☆37Updated last month
- VSCode extension for the YARA pattern matching language☆64Updated last year
- MoP - "Master of Puppets" - Advanced malware tracking framework☆82Updated 11 months ago
- ☆27Updated 2 years ago