jstrosch / graph-maldoc-similar-images
A script that extracts embedded images from Office Open XML (OOXML) documents and generates image hash similarity graphs that cluster visually similar images together. The script computes the Average Hash of each extracted image, then graphs the images if they meet the similarity threshold. The script can be used as a technique for visually iden…
☆21 Updated 3 years ago
Alternatives and similar repositories for graph-maldoc-similar-images:
Users that are interested in graph-maldoc-similar-images are comparing it to the libraries listed below
- ☆22 Updated 2 years ago
- YARA Rule Strings Statistics Calculator and Malware Research Helper ☆13 Updated 3 years ago
- Generate YARA rules for OOXML documents. ☆38 Updated last year
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆22 Updated last year
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use. ☆50 Updated last month
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin… ☆44 Updated 2 years ago
- Scripts, Yara rules and other files developed during malware investigations ☆25 Updated 2 years ago
- ☆15 Updated 3 years ago
- ☆34 Updated 2 years ago
- NTFS file system specimens ☆13 Updated last year
- This repository regroups the Yara Rules for the Unprotect Project ☆24 Updated 4 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting ☆38 Updated 2 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples ☆34 Updated 3 years ago
- ☆33 Updated 3 years ago
- A PowerShell parser for https://github.com/ufrisk/MemProcFS ☆44 Updated 3 years ago
- Python based CLI for MalwareBazaar ☆37 Updated 5 months ago
- Yara rules ☆21 Updated 2 years ago
- ☆14 Updated 2 years ago
- A collection of my public YARA signatures for various malware families ☆29 Updated 7 months ago
- Steezy - Ghetto Yara Generation ☆15 Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework ☆53 Updated last year
- Public repository for Red Canary Research ☆37 Updated 4 years ago
- Collection of scripts used to analyse malware or emails ☆19 Updated 4 years ago
- Yara rules written by me, for free use. ☆19 Updated 3 years ago
- MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi… ☆15 Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports. ☆50 Updated last year
- Converts Sigma detection rules to a Splunk alert configuration. ☆13 Updated 3 years ago
- VirusTotal Intelligence Search ☆36 Updated 4 years ago
- Standardized Malware Analysis Tool ☆52 Updated 4 years ago
- ☆27 Updated 3 years ago