mandiant / gootloaderLinks
Collection of scripts used to deobfuscate GOOTLOADER malware samples.
☆63Updated 9 months ago
Alternatives and similar repositories for gootloader
Users that are interested in gootloader are comparing it to the libraries listed below
Sorting:
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 4 months ago
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- Rules shared by the community from 100 Days of YARA 2024☆85Updated 8 months ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- Active C&C Detector☆156Updated last year
- YARA rule analyzer to improve rule quality and performance☆103Updated 5 months ago
- Full of public notes and Utilities☆127Updated 7 months ago
- JPCERT/CC public YARA rules repository☆110Updated 9 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago
- The Windows Malware Analysis Reversing Core Tools☆96Updated 4 years ago
- A list of RMMs designed to be used in automation to build alerts☆112Updated 5 months ago
- Initial triage of Windows Event logs☆102Updated last year
- Yara Rules for Modern Malware☆79Updated last year
- ☆25Updated 3 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- A home for detection content developed by the delivr.to team☆70Updated last month
- Documentation site for Velociraptor☆52Updated this week
- ☆68Updated last month
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆88Updated 7 months ago
- ☆204Updated 10 months ago
- ☆71Updated this week
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆37Updated 2 weeks ago
- Simple PowerShell script to enable process scanning with Yara.☆98Updated 2 years ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆157Updated 2 years ago
- Detection Engineering with YARA☆87Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆204Updated 3 years ago
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.☆166Updated 5 months ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆33Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆248Updated 5 months ago
- Rules Shared by the Community from 100 Days of YARA 2023☆78Updated 2 years ago