A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo
☆29Jun 11, 2020Updated 5 years ago
Alternatives and similar repositories for IoCs
Users that are interested in IoCs are comparing it to the libraries listed below
Sorting:
- A collection of my public YARA signatures for various malware families☆30Sep 20, 2024Updated last year
- A collection of my reverse engineering and malware analysis write-ups☆21Dec 11, 2020Updated 5 years ago
- The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean.☆12Jun 18, 2021Updated 4 years ago
- A Simple CLI App to mark all EXCEL sheets visible (i.e. sets "Very Hidden" and "Hidden" to "Visible")☆11Apr 16, 2020Updated 5 years ago
- Scan outlook inbox with yara rules,APIs and IOCs☆14Aug 3, 2018Updated 7 years ago
- Steezy - Ghetto Yara Generation☆15Mar 27, 2023Updated 2 years ago
- Malice Office/OLE/RTF Plugin☆13Aug 29, 2018Updated 7 years ago
- Plugins for the Viper Framework☆14Sep 21, 2019Updated 6 years ago
- Tool to decrypt the configuration of NanoCore and dump all used plugins☆12Dec 8, 2020Updated 5 years ago
- ☆15Jun 5, 2019Updated 6 years ago
- A tool to help malware analysts signature unique parts of RTF documents☆28Jan 5, 2026Updated last month
- Conceptual Methods for Finding Commonalities in Macho Files☆12Mar 21, 2024Updated last year
- Python emulator for Excel XLM macros.☆18May 25, 2020Updated 5 years ago
- OLE Package Format Documentation☆23Jun 13, 2020Updated 5 years ago
- Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies☆107Mar 4, 2021Updated 5 years ago
- My Yara Rules Collection☆52Feb 7, 2016Updated 10 years ago
- For all these times you're asking yourself "what is this panel again?"☆260Jan 29, 2026Updated last month
- ☆22Dec 22, 2020Updated 5 years ago
- Malicious PDF document parsing tool☆16Nov 1, 2017Updated 8 years ago
- A mapping of used malware names to commonly known family names☆62Feb 21, 2023Updated 3 years ago
- Generate bulk YARA rules from YAML input☆22Feb 3, 2020Updated 6 years ago
- This repository regroups the Yara Rules for the Unprotect Project☆26Nov 19, 2020Updated 5 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Jun 20, 2023Updated 2 years ago
- Miscellaneous Malware RE☆193May 1, 2022Updated 3 years ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆387May 11, 2022Updated 3 years ago
- Validates yara rules and tries to repair the broken ones.☆41Sep 5, 2020Updated 5 years ago
- Yara rules☆22Mar 27, 2023Updated 2 years ago
- Tracking APT IOCs☆25Nov 16, 2020Updated 5 years ago
- This repository provides tools to fight against Emotet malware. You can protect your system using these tools☆23Jan 24, 2020Updated 6 years ago
- Parse YARA rules and operate over them more easily.☆195Feb 6, 2025Updated last year
- Passive DNS server interface compliant to "Common Output Format"☆10Sep 19, 2016Updated 9 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team.☆12Mar 27, 2019Updated 6 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Sep 17, 2019Updated 6 years ago
- ☆42Sep 16, 2022Updated 3 years ago
- because twin clams are better than one clam?☆29Jan 30, 2026Updated last month
- Cockroach is your primitive & immortal swiss army knife.☆48Dec 8, 2021Updated 4 years ago
- Active C2 IoCs☆99Nov 28, 2022Updated 3 years ago
- c2 traffic☆194Feb 6, 2023Updated 3 years ago
- Various Modules & Scripts for use with Viper Framework☆27Aug 20, 2019Updated 6 years ago