Alternatives and similar repositories for sandfly-entropyscan

Users that are interested in sandfly-entropyscan are comparing it to the libraries listed below

• sandflysecurity / sandfly-file-decloak
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆29Updated 3 months ago
• iomoath / yara-scanner
  YaraScanner is a file pattern-matching tool based on YARA rules.
  ☆60Updated 2 years ago
• archcloudlabs / BSidesRoc2022_Linux_Malware_Analysis_Course
  BSidesRoc 2022 Linux Malware/Forensics Course
  ☆75Updated 3 years ago
• theflakes / Linux_Forensic_Harvester
  Harvest Linux forensic data for operational triage of an event.
  ☆51Updated last month
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• WithSecureLabs / detectree
  Data visualization for blue teams
  ☆126Updated 3 years ago
• fkie-cad / socbed
  A Self-Contained Open-Source Cyberattack Experimentation Testbed
  ☆43Updated 7 months ago
• hpthreatresearch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆149Updated 2 years ago
• malienist / lupo
  Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation
  ☆105Updated 3 years ago
• cado-security / rip_raw
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆134Updated 3 years ago
• alex-cart / LEAF
  Linux Evidence Acquisition Framework
  ☆117Updated last year
• referefref / honeydet
  Signature based honeypot detector tool written in Golang
  ☆107Updated 9 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Updated 3 years ago
• tstromberg / sunlight
  Linux #rootkit and #malware revealer
  ☆30Updated last year
• M00NLIG7 / ChopChopGo
  Rapidly Search and Hunt through Linux Forensics Artifacts
  ☆201Updated 2 years ago
• viper-framework / viper2
  File analysis and management framework.
  ☆92Updated 2 years ago
• blacklotuslabs / IOCs
  IOCs published by Black Lotus Labs
  ☆124Updated 2 months ago
• Nirusu / how-to-setup-a-honeypot
  How to setup a honeypot with an IDS, ELK and TLS traffic inspection
  ☆164Updated 3 years ago
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆66Updated last year
• tylabs / quicksand
  QuickSand document and PDF malware analysis tool written in Python
  ☆134Updated 2 months ago
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆175Updated last week
• adulau / HHHash
  HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.
  ☆79Updated 2 years ago
• telekom-security / malware_analysis
  This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
  ☆120Updated 2 years ago
• swimlane / atomic-operator
  A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
  ☆136Updated last year
• WhiteBeamSec / WhiteBeam
  WhiteBeam: Transparent endpoint security
  ☆101Updated 2 years ago
• michelcrypt4d4mus / yaralyzer
  Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.
  ☆144Updated last month
• codeyourweb / irma
  enpoint detection / live analysis & sandbox host / signatures quality test
  ☆44Updated 4 years ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆107Updated last year
• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆157Updated 8 months ago
• alt3kx / wafaray
  Enhance your malware detection with WAF + YARA (WAFARAY)
  ☆108Updated 3 years ago