Alternatives and similar repositories for pyarascanner

Users that are interested in pyarascanner are comparing it to the libraries listed below

• akky2892 / Cyber-Threat-Hunting

  View on GitHub
  Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…
  ☆15May 18, 2019Updated 6 years ago
• iAbdullahMughal / dscan

  View on GitHub
  D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit
  ☆29Jan 10, 2026Updated last month
• JeremyBlackthorne / PE-Runtime-Data-Structures

  View on GitHub
  ☆18Apr 4, 2019Updated 6 years ago
• DissectMalware / base64_substring

  View on GitHub
  Generate a Yara rule to find base64-encoded files containg a specific keyword
  ☆40Jul 13, 2018Updated 7 years ago
• WithSecureLabs / snake-core

  View on GitHub
  snake-core - the real snake
  ☆15Jul 11, 2023Updated 2 years ago
• glimps-re / PowersheLLM

  View on GitHub
  The official repository of PowersheLLM, a model for Powershell maliciousness detection using fine-tuned LLM
  ☆12Jun 6, 2024Updated last year
• stvemillertime / Absolutely-Positively-NOT-Hacking-Back-with-Pcap

  View on GitHub
  Streaming Unexpected Network Byte Sequences with High Probability of Blue Screening or Otherwise Crashing Attacker Command-and-Control No…
  ☆22Jul 14, 2019Updated 6 years ago
• coldfusion39 / excel-press

  View on GitHub
  Python script to compress VBA macro files
  ☆24Feb 2, 2023Updated 3 years ago
• Hestat / lw-yara

  View on GitHub
  Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
  ☆107Mar 4, 2021Updated 4 years ago
• rembish / cfb

  View on GitHub
  Microsoft Compound File Binary (CFB) file format Python IO
  ☆15Aug 27, 2014Updated 11 years ago
• Kalium / Snakepit

  View on GitHub
  A scalable framework for binary analysis in a containered environment.
  ☆13May 20, 2019Updated 6 years ago
• dfir-dd / dionysos

  View on GitHub
  Scanner for certain IoCs
  ☆11Jan 29, 2025Updated last year
• Neo23x0 / xorex

  View on GitHub
  XOR Key Extractor
  ☆51Aug 10, 2024Updated last year
• SneakyNachos / MalwareAnalysisTraining

  View on GitHub
  Work in Progress repo
  ☆15Apr 18, 2019Updated 6 years ago
• McL0vinn / Windows-Forensic-Examination-and-Threat-Hunting

  View on GitHub
  Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…
  ☆14Aug 15, 2022Updated 3 years ago
• Yamato-Security / sigma-to-hayabusa-converter

  View on GitHub
  Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
  ☆16Oct 22, 2025Updated 3 months ago
• KarmaPenny / pdfparser

  View on GitHub
  PDF Parser is a command line tool and go library for analyzing PDF files.
  ☆14Jan 25, 2024Updated 2 years ago
• libyal / reviveit

  View on GitHub
  ReviveIT (revit) is a proof of concept file recovery tool (carver)
  ☆12Dec 3, 2020Updated 5 years ago
• schrodyn / steezy

  View on GitHub
  Steezy - Ghetto Yara Generation
  ☆15Mar 27, 2023Updated 2 years ago
• woanware / wmi-parser

  View on GitHub
  Parses the WMI object database....looking for persistence
  ☆34Dec 12, 2019Updated 6 years ago
• gamelinux / activedns

  View on GitHub
  An active domain name query tool to help keep track of domain name movements...
  ☆16Mar 28, 2021Updated 4 years ago
• pr0xylife / Bumblebee

  View on GitHub
  ☆15Oct 3, 2024Updated last year
• sebmarchand / pyetw

  View on GitHub
  ☆13Apr 6, 2016Updated 9 years ago
• DearBytes / Opensource-Endpoint-Monitoring

  View on GitHub
  This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
  ☆35Jul 8, 2019Updated 6 years ago
• CyCat-project / cycat-taxonomy

  View on GitHub
  CyCAT.org taxonomies
  ☆15May 22, 2021Updated 4 years ago
• egaus / malicious_url_analysis

  View on GitHub
  ☆18Jun 8, 2018Updated 7 years ago
• devgc / GcLinkParser

  View on GitHub
  A GC link parser for both linkfiles and jumplists.
  ☆18Oct 28, 2016Updated 9 years ago
• joxeankoret / maltindex

  View on GitHub
  Mal Tindex is an Open Source tool for indexing binaries and help attributing malware campaigns
  ☆67Jun 26, 2017Updated 8 years ago
• Foundstone / InvestigationPlaybookSpec

  View on GitHub
  InvestigationPlaybookSpec
  ☆71Sep 26, 2017Updated 8 years ago
• enisaeu / Reference-Security-Incident-Taxonomy-Task-Force

  View on GitHub
  This repository hosts files relating to the TF-CSIRT Reference Security Incident Taxonomy Working Group.
  ☆74Apr 4, 2025Updated 10 months ago
• EricZimmerman / USBDevices

  View on GitHub
  Get USB Devices from Registry hives
  ☆22Nov 15, 2021Updated 4 years ago
• grayfold3d / POSH-Triage

  View on GitHub
  Tools for parsing Forensic images
  ☆41Dec 14, 2018Updated 7 years ago
• yolothreat / utilitybelt

  View on GitHub
  A Python library for being a CND Batman....
  ☆35Oct 29, 2015Updated 10 years ago
• evild3ad / isodump

  View on GitHub
  isodump - ISO dump utility
  ☆41Jun 9, 2019Updated 6 years ago
• delimitry / compressed_rtf

  View on GitHub
  Compressed Rich Text Format (RTF) compression and decompression in Python
  ☆23Jun 29, 2025Updated 7 months ago
• cugu / kaitaigo

  View on GitHub
  kaitaigo is a compiler and runtime to create Go parsers from Kaitai Struct files
  ☆18Apr 20, 2022Updated 3 years ago
• wetw0rk / SLAE

  View on GitHub
  The following repository contains the SecurityTube Linux Assembly Expert assignments, and exam
  ☆18Nov 27, 2017Updated 8 years ago
• DimopoulosElias / SimpleMimikatzObfuscator

  View on GitHub
  A set of commands to bypass Defender (and some other AVs)
  ☆20Jul 25, 2019Updated 6 years ago
• DissectMalware / MalwareCMDMonitor

  View on GitHub
  Shows command lines used by latest instances analyzed on Hybrid-Analysis
  ☆42Sep 18, 2018Updated 7 years ago