Alternatives and similar repositories for YaraTools:

Users that are interested in YaraTools are comparing it to the libraries listed below

• whichbuffer / Antidebug
  Defeating Anti-Debugging Techniques for Malware Analysis
  ☆13Updated 2 years ago
• montysecurity / InfraSpyder
  Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.
  ☆27Updated last year
• matthw / malware_analysis
  ☆18Updated 11 months ago
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated last year
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 7 months ago
• Gr1mmie / WMIEnum
  WMI SA stuffs
  ☆29Updated 2 years ago
• shlyuz / teamserver
  ☆12Updated 2 years ago
• peasead / windows-sandbox-to-elastic
  Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.
  ☆48Updated last year
• NexusFuzzy / raccoon_config
  Scans a list of raccoon servers from Tria.ge and extracts the config
  ☆15Updated last year
• georgi-i / winevt_logs_analysis
  Searching .evtx logs for remote connections
  ☆23Updated last year
• whichbuffer / Lockbit-Black-3.0
  ☆24Updated 2 years ago
• nccgroup / mimikatz-detector-busylight
  USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…
  ☆20Updated 2 years ago
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆20Updated last year
• FarghlyMal / Config-Extractors
  ☆25Updated 3 months ago
• AmirHoseinTangsiriNET / EventLogSilencer
  EventLogSilencer is a PowerShell script designed for disable Windows Event Logging
  ☆15Updated last year
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago
• advanced-threat-research / NetLlix
  A project created with an aim to emulate and test exfiltration of data over different network protocols.
  ☆31Updated last year
• CatherineFramework / catherine
  The Catherine Framework is a general-purpose cybersecurity framework built to provide extended support for defense operations.
  ☆16Updated 10 months ago
• montysecurity / malware-bazaar-advanced-search
  Script to chain search parameters for MalwareBazaar
  ☆9Updated last month
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆33Updated last year
• diljith369 / CSharp4Pentesters
  CSharp4Pentesters
  ☆12Updated 3 years ago
• oldboy21 / CGPL
  Yet, Another Packer/Loader
  ☆25Updated 2 years ago
• 0x11DFE / file-unpumper
  Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.
  ☆26Updated 8 months ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆18Updated last year
• sketchymoose / workslikeaJARM
  Method of finding interesting domains using keywords + JARMs
  ☆13Updated 2 years ago
• marcosimioni / omigood
  OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…
  ☆18Updated 3 years ago
• FuzzySecurity / Presentations
  A collection of my presentation materials.
  ☆16Updated 10 months ago
• SevenStones / auditpolCIS
  CIS Benchmark testing of Windows SIEM configuration
  ☆44Updated last year
• mr-r3b00t / parse_win_log
  ☆14Updated 2 years ago
• mgeeky / EvilClippy
  A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…
  ☆23Updated 2 years ago