lprat / static_file_analysisLinks
Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
☆50Updated last year
Alternatives and similar repositories for static_file_analysis
Users that are interested in static_file_analysis are comparing it to the libraries listed below
Sorting:
- A collection of my public YARA signatures for various malware families☆29Updated 8 months ago
- Links to malware-related YARA rules☆15Updated 2 years ago
- Collection of YARA signatures from individual research☆44Updated last year
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Updated 4 years ago
- Yara Based Detection Engine for web browsers☆47Updated 3 years ago
- A mapping of used malware names to commonly known family names☆62Updated 2 years ago
- VirusTotal Intelligence Search☆37Updated 5 years ago
- Telsy CTI Research Team☆57Updated 4 years ago
- ☆41Updated 2 years ago
- Random hunting ordiented yara rules☆96Updated 2 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆38Updated 2 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 6 years ago
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Ursnif beacon decryptor☆27Updated 2 years ago
- A Maltego transform for VirusTotal vHash☆32Updated 5 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆22Updated last year
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Updated 7 years ago
- Python based CLI for MalwareBazaar☆37Updated 7 months ago
- Tracking APT IOCs☆25Updated 4 years ago
- Community modules for FAME☆65Updated 4 months ago
- A YARA Rule Performance Measurement Tool☆59Updated last year
- Generate bulk YARA rules from YAML input☆22Updated 5 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆66Updated last year
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆59Updated 5 years ago
- This is a repository that is meant to hold detections for various process injection techniques.☆34Updated 5 years ago
- Repository with selected IOCs and YARA rules for threat hunting.☆35Updated last week
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- Validates yara rules and tries to repair the broken ones.☆39Updated 4 years ago