mez-0 / YaraEngineLinks
A C++ Yara Rule Runner
☆12Updated 3 years ago
Alternatives and similar repositories for YaraEngine
Users that are interested in YaraEngine are comparing it to the libraries listed below
Sorting:
- C# implementation to produce ROR-13 numeric hash for given function API name☆33Updated 6 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Updated 3 years ago
- Compile shellcode into an exe file from Windows or Linux.☆70Updated 4 months ago
- ☆74Updated last year
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆80Updated last year
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆118Updated 2 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated 2 years ago
- Small visualizator for PE files☆70Updated 2 years ago
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆66Updated 2 years ago
- A Bumblebee-inspired Crypter☆78Updated 2 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆35Updated 3 years ago
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process☆83Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- Golang bindings for PE-sieve☆42Updated last year
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …☆40Updated 3 years ago
- Standalone Metasploit-like XOR encoder for shellcode☆50Updated last year
- Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.☆28Updated 3 years ago
- Unpacker for donut shellcode☆17Updated 5 years ago
- Winbindex bot to pull in binaries for specific releases☆48Updated 2 years ago
- ☆147Updated 3 years ago
- ☆33Updated 11 months ago
- ☆24Updated 11 months ago
- ☆112Updated 3 years ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆130Updated this week
- Repo containing my public talks☆23Updated 2 years ago
- ☆25Updated last year
- ☆53Updated last year
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- A collection of shellcode hashes☆17Updated 7 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago