mandiant / capa-rulesLinks
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
☆634Updated last week
Alternatives and similar repositories for capa-rules
Users that are interested in capa-rules are comparing it to the libraries listed below
Sorting:
- MBC content in markdown☆476Updated 3 months ago
- DRAKVUF Sandbox - automated hypervisor-level malware analysis system☆1,205Updated this week
- Distributed malware processing framework based on Python, Redis and S3.☆440Updated 2 weeks ago
- Collection of private Yara rules.☆368Updated this week
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆583Updated last year
- ReversingLabs YARA Rules☆857Updated last week
- Malduck is your ducky companion in malware analysis journeys☆344Updated 3 months ago
- Repository of YARA rules made by Trellix ATR Team☆612Updated 6 months ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆714Updated 2 years ago
- Malware repository component for samples & static configuration with REST API interface.☆366Updated last week
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆384Updated 3 years ago
- Cuckoo3 is a Python 3 open source automated malware analysis system.☆761Updated 3 months ago
- Dynamic unpacker based on PE-sieve☆765Updated 2 weeks ago
- Collaborative Malware Analysis Platform at Scale☆763Updated this week
- A Binary Genetic Traits Lexer Framework☆516Updated last month
- YARA Rules I come across on the internet☆351Updated last year
- YARA malware query accelerator (web frontend)☆434Updated last week
- IOC from articles, tweets for archives☆317Updated last year
- Volatility plugin for extracts configuration data of known malware☆490Updated last year
- Windows kernel and user mode emulation.☆1,760Updated 6 months ago
- High Octane Triage Analysis☆772Updated this week
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆257Updated 2 years ago
- Indicators from Unit 42 Public Reports☆724Updated last month
- The multi-platform memory acquisition tool.☆845Updated 3 months ago
- Detection in the form of Yara, Snort and ClamAV signatures.☆237Updated 11 months ago
- Threat Intel IoCs + bits and pieces of dark matter☆416Updated 3 months ago
- ☆155Updated 2 years ago
- Sophos-originated indicators-of-compromise from published reports☆633Updated last month
- ☆513Updated 11 months ago
- ☆788Updated 2 years ago