hillu / yara-rules-reLinks
Tools for inspecting YARA bytecode
☆20Updated 5 years ago
Alternatives and similar repositories for yara-rules-re
Users that are interested in yara-rules-re are comparing it to the libraries listed below
Sorting:
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- Capa analysis importer for Ghidra.☆62Updated 4 years ago
- ☆71Updated last year
- TA505 unpacker Python 2.7☆47Updated 5 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…☆93Updated 3 weeks ago
- Malware Configuration Extraction Modules☆51Updated last year
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆72Updated last year
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 3 years ago
- Yet another rule generator for Yara☆29Updated 2 months ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Symbol hash for ELF files☆112Updated 3 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆38Updated 2 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆42Updated 5 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆18Updated 4 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆76Updated 10 years ago
- Imphash-like calculation on Golang binaries☆49Updated 3 years ago
- Use this library to automatically extract PE files compressed with aplib from a binary blob.☆34Updated 6 years ago
- ☆23Updated 6 years ago
- ☆52Updated 6 years ago
- Generates YARA rules to detect malware using API hashing☆17Updated 4 years ago
- Robust Automated Malware Unpacker☆85Updated 2 years ago
- Royal Road RTF Weaponizer object decoder☆24Updated 10 months ago
- ☆60Updated 4 years ago
- Alternative YARA scanning engine☆72Updated 3 years ago
- Ghidra plugin for https://analyze.intezer.com☆71Updated 2 years ago
- ☆27Updated 2 years ago
- TrashDBG the world's worse debugger☆23Updated 3 years ago
- Flare-On solutions☆36Updated 5 years ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.☆57Updated 4 years ago