karemfaisal / SMUC

Related projects: ⓘ

• y3n11 / Captain
  Userland API monitor for threat hunting
  ☆54Updated 4 years ago
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆95Updated last year
• Insikt-Group / Research
  Research indicators and detection rules
  ☆67Updated last year
• ashemery / CuckooVM
  Cuckoo running in a nested hypervisor
  ☆128Updated 4 years ago
• reb311ion / CapaExplorer
  Capa analysis importer for Ghidra.
  ☆61Updated 3 years ago
• stvemillertime / ConventionEngine
  ConventionEngine - A Yara Rulepack for PDB Path Hunting
  ☆36Updated last year
• ashemery / malware4edu
  Malware Samples that could be used for teaching students about malware analysis.
  ☆45Updated 5 months ago
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆128Updated last year
• MITRECND / malchive
  Various capabilities for static malware analysis.
  ☆75Updated 2 weeks ago
• OTRF / API-To-Event
  A repo to document API functions mapped to security events across diverse platforms
  ☆74Updated 4 years ago
• itsKindred / malware-analysis-writeups
  ☆140Updated this week
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆93Updated 2 weeks ago
• Neo23x0 / yaraQA
  YARA rule analyzer to improve rule quality and performance
  ☆93Updated 9 months ago
• telsy-cyberops / research
  Telsy CTI Research Team
  ☆57Updated 3 years ago
• fireeye / HXTool
  HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physic…
  ☆79Updated 2 months ago
• Beercow / SEPparser
  Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.
  ☆62Updated last year
• CAPESandbox / community
  Community modules for CAPE Sandbox
  ☆84Updated 2 weeks ago
• 0xAnalyst / CB-Threat-Hunting
  ☆113Updated 7 months ago
• lsoumille / Yara_Merger
  Merge all Yara rules from official Yara github repository in one .yar file
  ☆28Updated 6 years ago
• monnappa22 / Psinfo
  Psinfo is a Volatility plugin which collects the process related information from the VAD (Virtual Address Descriptor) and PEB (Process E…
  ☆36Updated 7 years ago
• n1ght-w0lf / Uchihash
  A small utility to deal with malware embedded hashes.
  ☆48Updated 11 months ago
• deadbits / yara-rules
  Collection of YARA signatures from individual research
  ☆41Updated 10 months ago
• 3vangel1st / 100DaysOfYARA
  ☆27Updated 2 years ago
• netskopeoss / NetskopeThreatLabsIOCs
  ☆75Updated 3 weeks ago
• sapphirex00 / Threat-Hunting
  Personal compilation of APT malware from whitepaper releases, documents and own research
  ☆253Updated 5 years ago
• honeybag / honeybag
  Honeybag helps you to create 'bait archive' with any folders and files, notify you if someone accesses it
  ☆16Updated 3 years ago
• Big5-sec / SourceFu
  hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…
  ☆40Updated 5 years ago
• fr0gger / unprotect
  Unprotect is a python tool for parsing PE malware and extract evasion techniques.
  ☆110Updated last year
• 3c7 / bazaar
  Python based CLI for MalwareBazaar
  ☆36Updated 9 months ago
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆57Updated last year