Alternatives and similar repositories for YaraEngine

Users that are interested in YaraEngine are comparing it to the libraries listed below

• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆119Updated 2 years ago
• cdong1012 / IDAPython-Malware-Scripts
  ☆76Updated 2 years ago
• accidentalrebel / shcode2exe
  Compile shellcode into an exe file from Windows or Linux.
  ☆72Updated 8 months ago
• ihack4falafel / ROR13HashGenerator
  C# implementation to produce ROR-13 numeric hash for given function API name
  ☆34Updated 6 years ago
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆70Updated 2 years ago
• naksyn / talks
  Repo containing my public talks
  ☆23Updated 2 years ago
• leandrofroes / malware-research
  General malware analysis stuff
  ☆37Updated last year
• repnz / shellcode2exe
  Batch script to compile a binary shellcode blob into an exe file
  ☆89Updated 6 years ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆42Updated 2 years ago
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆125Updated last year
• airbus-cert / vbSparkle
  VBScript & VBA source-to-source deobfuscator with partial-evaluation
  ☆80Updated last year
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆44Updated last year
• Dump-GUY / Get-PDInvokeImports
  Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…
  ☆54Updated 3 years ago
• jdu2600 / Etw-SyscallMonitor
  Monitors ETW for security relevant syscalls maintaining the set called by each unique process
  ☆87Updated 2 years ago
• anyrun / blog-scripts
  ☆35Updated 3 weeks ago
• Dump-GUY / Invoke-DetectItEasy
  Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.
  ☆30Updated 3 years ago
• ashemery / REDM
  Reverse Engineering and Debugging Malware
  ☆32Updated 2 years ago
• marcusbotacin / Dropper
  Embed an executable as a PE resource, drops and launches it in runtime.
  ☆64Updated 4 years ago
• t-tani / defender2yara
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆142Updated last week
• fr0gger / MalwareMuncher
  Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…
  ☆45Updated 2 years ago
• ytincodenito / vEDR
  Vulnerable EDR
  ☆23Updated last year
• manyfacedllama / amsi-tracer
  Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …
  ☆111Updated 4 years ago
• t0-retooling / defender-recon24
  ☆59Updated last year
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆50Updated last year
• joe-desimone / patriot
  ☆153Updated 3 years ago
• trailofbits / WinDbg-JS
  ☆29Updated 2 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆44Updated 2 years ago
• FarghlyMal / Config-Extractors
  ☆27Updated last year
• nccgroup / mimikatz-detector-condrv
  The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …
  ☆41Updated 3 years ago
• hasherezade / mal_unpack_py
  Python wrappers for mal_unpack
  ☆37Updated 2 years ago