matonis / yara_tools
Create an entire YARA rule via Python? Whhhhhhaatttt?
☆72Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for yara_tools
- A mapping of used malware names to commonly known family names☆61Updated last year
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 6 years ago
- Handy scripts to speed up malware analysis☆35Updated last year
- Validates yara rules and tries to repair the broken ones.☆39Updated 4 years ago
- A taxonomy and dictionary of malware behaviors.☆42Updated 5 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 4 years ago
- BinSequencer is a script designed to find a common pattern of bytes within a set of samples and generate a YARA rule from the identified…☆74Updated 2 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆37Updated last year
- A YARA Rule Performance Measurement Tool☆58Updated 8 months ago
- Malware similarity platform with modularity in mind.☆76Updated 3 years ago
- ☆16Updated 6 months ago
- This repository contains files from AppGate / Immunity Malware Analysis Team.☆21Updated 3 years ago
- Web based Manager for Yara Rules☆57Updated 4 years ago
- Yara rules for detecting malware☆23Updated 2 months ago
- A collection of my public YARA signatures for various malware families☆29Updated 2 months ago
- Steezy - Ghetto Yara Generation☆15Updated last year
- TA505 unpacker Python 2.7☆46Updated 4 years ago
- VSCode extension for the YARA pattern matching language☆63Updated 10 months ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆60Updated 11 months ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆79Updated 3 years ago
- Community modules for FAME☆64Updated this week
- I wanted to call this repo "Nuclear Football Codes". I was outvoted..☆68Updated this week
- Ursnif beacon decryptor☆27Updated last year
- Parse YARA rules and operate over them more easily.☆174Updated 4 months ago
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 9 months ago
- Static analysis tools for Microsoft Office Open XML files and documents☆68Updated 7 years ago
- MWDB exercises☆19Updated 5 months ago
- PE Import Hash Generator☆74Updated 7 years ago