jstrosch / graph-maldoc-similar-images
A script that extracts embedded images from Office Open XML (OOXML) documents and generates image hash similarity graphs that cluster visually similar images together. The script computes the Average Hash of each extracted image, then graphs the images if they meet the similarity threshold. The script can be used as a technique for visually iden…
☆21 Updated 3 years ago
Alternatives and similar repositories for graph-maldoc-similar-images:
Users that are interested in graph-maldoc-similar-images are comparing it to the libraries listed below
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆22 Updated last year
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use. ☆50 Updated 2 weeks ago
- A Modular MWDB Utility to Collect Fresh Malware Samples ☆34 Updated 3 years ago
- Python based CLI for MalwareBazaar ☆36 Updated 4 months ago
- Generate YARA rules for OOXML documents. ☆38 Updated last year
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin… ☆44 Updated 2 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting ☆38 Updated 2 years ago
- YARA Rule Strings Statistics Calculator and Malware Research Helper ☆13 Updated 3 years ago
- Modular malware analysis artifact collection and correlation framework ☆53 Updated 11 months ago
- Malware Configuration Extraction Modules ☆49 Updated last year
- Scans a malware file and lists down the related MBC (Malware Behavior Catalog) details. ☆22 Updated 2 years ago
- Malware similarity platform with modularity in mind. ☆78 Updated 3 years ago
- Collection of scripts used to analyse malware or emails ☆19 Updated 4 years ago
- A PowerShell parser for https://github.com/ufrisk/MemProcFS ☆44 Updated 3 years ago
- Steezy - Ghetto Yara Generation ☆15 Updated 2 years ago
- VirusTotal Intelligence Search ☆34 Updated 4 years ago
- Scripts, Yara rules and other files developed during malware investigations ☆25 Updated 2 years ago
- Merge all Yara rules from official Yara github repository in one .yar file ☆28 Updated 6 years ago
- Tools for assisting the reverse engineering of Qakbot ☆11 Updated 3 years ago
- ETW-Almulahaza is a consumer python-based tool that helps you monitor ETW events of the operating system ☆12 Updated 2 years ago
- Standardized Malware Analysis Tool ☆52 Updated 4 years ago
- Assemblyline 4 Malware detonation service (Cuckoo) ☆17 Updated last year
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine. ☆76 Updated 3 years ago
- Yara Based Detection Engine for web browsers ☆47 Updated 3 years ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P… ☆26 Updated 2 years ago