fr0gger / unprotect
Unprotect is a python tool for parsing PE malware and extract evasion techniques.
☆110Updated last year
Related projects: ⓘ
- A golang CLI tool to download malware from a variety of sources.☆139Updated 7 months ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆125Updated 9 months ago
- ☆97Updated 10 months ago
- Malware Configuration Extraction Modules☆48Updated 9 months ago
- YARA rule analyzer to improve rule quality and performance☆93Updated 9 months ago
- API Logger for Windows Executables☆77Updated 3 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆86Updated 3 years ago
- Python based CLI for MalwareBazaar☆36Updated 9 months ago
- Various capabilities for static malware analysis.☆75Updated 2 weeks ago
- Community modules for CAPE Sandbox☆84Updated last week
- A guide on how to write fast and memory friendly YARA rules☆123Updated last year
- Random hunting ordiented yara rules☆95Updated last year
- The Windows Malware Analysis Reversing Core Tools☆88Updated 3 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆42Updated last year
- VirusTotal Intelligence Search☆35Updated 4 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆93Updated 2 weeks ago
- Userland API monitor for threat hunting☆54Updated 4 years ago
- Capa analysis importer for Ghidra.☆61Updated 3 years ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆163Updated 3 weeks ago
- ☆75Updated 3 weeks ago
- Automatic YARA rule generation for Malpedia☆152Updated 2 years ago
- Malware Samples that could be used for teaching students about malware analysis.☆45Updated 5 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆57Updated last year
- Malware similarity platform with modularity in mind.☆75Updated 3 years ago
- JPCERT/CC public YARA rules repository☆98Updated 2 months ago
- ☆27Updated 2 years ago
- Powershell script deobfuscation using AST in Python☆61Updated 8 months ago
- c2 traffic☆187Updated last year
- Modular malware analysis artifact collection and correlation framework☆49Updated 4 months ago
- Rules Shared by the Community from 100 Days of YARA 2023☆76Updated last year