Alternatives and similar repositories for sandfly-entropyscan

Users that are interested in sandfly-entropyscan are comparing it to the libraries listed below

• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Updated 3 years ago
• iomoath / yara-scanner
  YaraScanner is a file pattern-matching tool based on YARA rules.
  ☆58Updated 2 years ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆102Updated 3 months ago
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆169Updated this week
• sandflysecurity / sandfly-file-decloak
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆26Updated last week
• michelcrypt4d4mus / yaralyzer
  Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.
  ☆140Updated 3 weeks ago
• blacklotuslabs / IOCs
  IOCs published by Black Lotus Labs
  ☆122Updated 3 weeks ago
• tylabs / quicksand
  QuickSand document and PDF malware analysis tool written in Python
  ☆131Updated last month
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆79Updated last year
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆104Updated last year
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆60Updated last year
• tstromberg / sunlight
  Linux #rootkit and #malware revealer
  ☆27Updated last year
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆66Updated last year
• referefref / honeydet
  Signature based honeypot detector tool written in Golang
  ☆104Updated 6 months ago
• alex-cart / LEAF
  Linux Evidence Acquisition Framework
  ☆118Updated last year
• codeyourweb / irma
  enpoint detection / live analysis & sandbox host / signatures quality test
  ☆44Updated 4 years ago
• WithSecureLabs / detectree
  Data visualization for blue teams
  ☆126Updated 2 years ago
• theflakes / Linux_Forensic_Harvester
  Harvest Linux forensic data for operational triage of an event.
  ☆51Updated last year
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• adulau / HHHash
  HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.
  ☆78Updated 2 years ago
• fboldewin / YARA_Detection_Engineering
  Detection Engineering with YARA
  ☆87Updated last year
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆91Updated 11 months ago
• splunk / melting-cobalt
  A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
  ☆170Updated 2 years ago
• malienist / lupo
  Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation
  ☆106Updated 3 years ago
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆245Updated this week
• threatcat-ch / malware-analysis-pipeline
  Lightweight Python-Based Malware Analysis Pipeline
  ☆35Updated 3 weeks ago
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆70Updated 3 years ago
• carbonblack / active_c2_ioc_public
  Active C2 IoCs
  ☆99Updated 2 years ago
• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆150Updated 5 months ago
• StrangerealIntel / Orion
  A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...
  ☆138Updated last year