jstrosch / graph-maldoc-similar-images
A script that extracts embedded images from Office Open XML (OOXML) documents and generates image hash similarity graphs that cluster visually similar images together. The script computes the Average Hash of each extracted image, then graphs the images if they meet the similarity threshold. The script can be used as a technique for visually iden…
☆20 Updated 2 years ago
Related projects
Alternatives and complementary repositories for graph-maldoc-similar-images
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin… ☆42 Updated last year
- Python based CLI for MalwareBazaar ☆36 Updated 3 weeks ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆22 Updated 9 months ago
- Generate YARA rules for OOXML documents. ☆37 Updated last year
- Modular malware analysis artifact collection and correlation framework ☆53 Updated 7 months ago
- This repository regroups the Yara Rules for the Unprotect Project ☆25 Updated 4 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS ☆43 Updated 3 years ago
- Steezy - Ghetto Yara Generation ☆15 Updated last year
- YARA Rule Strings Statistics Calculator and Malware Research Helper ☆12 Updated 3 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting ☆37 Updated last year
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use. ☆48 Updated 8 months ago
- Merge all Yara rules from official Yara github repository in one .yar file ☆28 Updated 6 years ago
- Standardized Malware Analysis Tool ☆51 Updated 3 years ago
- Malware similarity platform with modularity in mind. ☆76 Updated 3 years ago
- Scripts, Yara rules and other files developed during malware investigations ☆24 Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine. ☆76 Updated 2 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples ☆34 Updated 3 years ago
- Malware Configuration Extraction Modules ☆47 Updated last year
- Scans a malware file and lists down the related MBC (Malware Behavior Catalog) details. ☆20 Updated 2 years ago
- Collection of scripts used to analyse malware or emails ☆19 Updated 4 years ago
- Imphash-like calculation on Golang binaries ☆47 Updated 2 years ago
- Yara Based Detection Engine for web browsers ☆47 Updated 3 years ago
- Fast lookup server for NSRL and other hash database used in digital forensic ☆41 Updated 2 years ago
- Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization. ☆18 Updated 2 years ago
- Windows file metadata / forensic tool. ☆15 Updated 2 months ago