pracsec / YaraTools
Over 100K open-source YARA signatures evaluated against over 280K files to give insights into the performance of each YARA rule.
☆23Updated 2 years ago
Alternatives and similar repositories for YaraTools:
Users that are interested in YaraTools are comparing it to the libraries listed below
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated last year
- ☆24Updated 2 years ago
- ☆18Updated last year
- Method of finding interesting domains using keywords + JARMs☆13Updated 2 years ago
- A tool that adds reproducible UUIDs to YARA rules☆13Updated 11 months ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆18Updated 3 years ago
- Searching .evtx logs for remote connections☆23Updated last year
- ☆14Updated 2 years ago
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆16Updated last year
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- Triaging Windows event logs based on SANS Poster☆39Updated 2 years ago
- ☆34Updated 2 years ago
- The Catherine Framework is a general-purpose cybersecurity framework built to provide extended support for defense operations.☆16Updated 11 months ago
- CIS Benchmark testing of Windows SIEM configuration☆44Updated last year
- ☆12Updated 2 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆13Updated 2 years ago
- ☆22Updated last year
- Malware campaigns and APTs research by BlackArrow☆18Updated 4 years ago
- A project created with an aim to emulate and test exfiltration of data over different network protocols.☆31Updated 2 years ago
- With the help of this docker image, you can easily access PEzor on your system!☆15Updated 3 years ago
- Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.☆48Updated last year
- WMI SA stuffs☆29Updated 2 years ago
- Pure Honeypots with an automated bash script☆20Updated 3 years ago
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…☆20Updated 2 years ago
- Bash tool used for proactive detection of malicious activity on macOS systems.☆35Updated last year
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆13Updated last year
- Modular malware analysis artifact collection and correlation framework☆53Updated 11 months ago
- Sources Codes of many Office Malwares☆16Updated 2 years ago
- AutoPoC Generator HoneyPoC☆35Updated 8 months ago