Alternatives and similar repositories for sandfly-entropyscan

Users that are interested in sandfly-entropyscan are comparing it to the libraries listed below

• blacklotuslabs / IOCs
  IOCs published by Black Lotus Labs
  ☆124Updated 3 weeks ago
• iomoath / yara-scanner
  YaraScanner is a file pattern-matching tool based on YARA rules.
  ☆59Updated 2 years ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• sandflysecurity / sandfly-file-decloak
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆29Updated last month
• codeyourweb / irma
  enpoint detection / live analysis & sandbox host / signatures quality test
  ☆44Updated 4 years ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆106Updated 4 months ago
• michelcrypt4d4mus / yaralyzer
  Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.
  ☆143Updated 2 months ago
• WithSecureLabs / detectree
  Data visualization for blue teams
  ☆126Updated 2 years ago
• tylabs / quicksand
  QuickSand document and PDF malware analysis tool written in Python
  ☆135Updated 3 weeks ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Updated 3 years ago
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆170Updated last month
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆257Updated last week
• StrangerealIntel / Orion
  A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...
  ☆140Updated 2 years ago
• tstromberg / sunlight
  Linux #rootkit and #malware revealer
  ☆28Updated last year
• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆153Updated 6 months ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆107Updated last year
• claroty / arya
  Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.
  ☆257Updated 2 years ago
• nikhilh-20 / ELFEN
  ELFEN: Automated Linux Malware Analysis Sandbox
  ☆129Updated 3 months ago
• referefref / honeydet
  Signature based honeypot detector tool written in Golang
  ☆106Updated 8 months ago
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆91Updated last year
• viper-framework / viper2
  File analysis and management framework.
  ☆90Updated 2 years ago
• Nirusu / how-to-setup-a-honeypot
  How to setup a honeypot with an IDS, ELK and TLS traffic inspection
  ☆163Updated 3 years ago
• malpedia / signator-rules
  Collection of rules created using YARA-Signator over Malpedia
  ☆141Updated last year
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆109Updated 6 months ago
• cado-security / rip_raw
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆133Updated 3 years ago
• evilsocket / sauron
  A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.
  ☆230Updated 3 years ago
• Velocidex / evtx
  Golang Parser for Microsoft Event Logs
  ☆105Updated 2 weeks ago
• alex-cart / LEAF
  Linux Evidence Acquisition Framework
  ☆118Updated last year
• FourCoreLabs / firedrill
  firedrill is a malware simulation harness for evaluating your security controls
  ☆194Updated last year
• theflakes / Linux_Forensic_Harvester
  Harvest Linux forensic data for operational triage of an event.
  ☆51Updated last year