pracsec / YaraToolsLinks
Over 100K open-source YARA signatures evaluated against over 280K files to give insights into the performance of each YARA rule.
☆24Updated 2 years ago
Alternatives and similar repositories for YaraTools
Users that are interested in YaraTools are comparing it to the libraries listed below
Sorting:
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated 2 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆13Updated 2 years ago
- Method of finding interesting domains using keywords + JARMs☆13Updated 2 years ago
- Searching .evtx logs for remote connections☆23Updated last year
- ☆18Updated last year
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆49Updated 3 years ago
- Triaging Windows event logs based on SANS Poster☆39Updated 2 years ago
- ☆14Updated 2 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated 2 years ago
- ☆24Updated 2 years ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- Collection of generic YARA rules☆16Updated last year
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Updated 2 years ago
- A project created with an aim to emulate and test exfiltration of data over different network protocols.☆31Updated 2 years ago
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…☆20Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- CIS Benchmark testing of Windows SIEM configuration☆44Updated 2 years ago
- Awesome list of Living off the Land (LOL) methods, tools, and features commonly abused by attackers☆24Updated 2 months ago
- ☆32Updated 2 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆35Updated 3 years ago
- ProcDot Malware Sandbox☆24Updated 7 months ago
- Volatility 3 plugins to extract a module as complete as possible☆12Updated 2 years ago
- ☆27Updated 7 months ago
- ☆33Updated 3 years ago
- A proof-of-concept re-assembler for reverse VNC traffic.☆25Updated 2 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆16Updated 2 years ago
- Malware campaigns and APTs research by BlackArrow☆18Updated 5 years ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆18Updated 3 years ago
- Resources and Discussions About Detection Engineering☆12Updated 2 years ago