google / maldoca
Malicious Microsoft Office document analyzer
☆65, updated last year
Alternatives and similar repositories for maldoca:
Users interested in maldoca are comparing it to the repositories listed below.
- capemon: CAPE's monitor (☆106, updated this week)
- Parsing of YARA rules into AST and building new rulesets in C++. (☆122, updated last week)
- Automatically generate AV byte signatures from sets of similar binaries. (☆262, updated last month)
- Unprotect is a Python tool for parsing PE malware and extracting evasion techniques. (☆112, updated last year)
- A tool that automates regex generation for the x86 and x86-64 instruction sets (☆66, updated 9 months ago)
- Use YARA rules on Time Travel Debugging traces (☆88, updated last year)
- Community modules for CAPE Sandbox (☆89, updated this week)
- A set of small utilities, helpers for PIN tracers (☆31, updated last year)
- YARI is an interactive debugger for YARA Language. (☆88, updated last week)
- Library and tools to access the Windows Prefetch File (SCCA) format. (☆72, updated 3 weeks ago)
- Small visualizer for PE files (☆67, updated last year)
- Enumerate various traits from Windows processes as an aid to threat hunting (☆185, updated 3 years ago)
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis. (☆115, updated last year)
- Set of anti-analysis techniques found in malware (☆129, updated last year)
- Sysmon-like research tool for ETW (☆349, updated 2 years ago)
- Data to test capa's code and rules. (☆41, updated this week)
- Unpacking and decryption tools for the Emotet malware (☆46, updated 3 years ago)
- Cockroach is your primitive & immortal swiss army knife. (☆47, updated 3 years ago)
- Symbol hash for ELF files (☆105, updated 2 years ago)
- Library and tools to access the Windows Minidump (MDMP) format (☆38, updated 6 months ago)
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve (☆57, updated 5 months ago)
- A guide on how to write fast and memory friendly YARA rules (☆127, updated last year)
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors. (☆110, updated last month)
- Alternative YARA scanning engine (☆67, updated 2 years ago)
- Symantec EDR Internals (☆25, updated 3 years ago)
- Collection of YARA rules designed for usage through VirusTotal.com. (☆66, updated 9 months ago)