sbousseaden / YaraHuntsLinks
Random hunting ordiented yara rules
☆96Updated 2 years ago
Alternatives and similar repositories for YaraHunts
Users that are interested in YaraHunts are comparing it to the libraries listed below
Sorting:
- Malware similarity platform with modularity in mind.☆78Updated 3 years ago
- A repo to document API functions mapped to security events across diverse platforms☆75Updated 5 years ago
- A YARA Rule Performance Measurement Tool☆59Updated last year
- Simple yara rule manager☆66Updated 2 years ago
- Various capabilities for static malware analysis.☆78Updated 8 months ago
- Collection of YARA signatures from individual research☆44Updated last year
- Automatically create YARA rules from malicious documents.☆211Updated 3 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆104Updated 3 weeks ago
- YARA rule analyzer to improve rule quality and performance☆101Updated last month
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆38Updated 2 years ago
- A repository that maps API calls to Sysmon Event ID's.☆121Updated 2 years ago
- Repository with selected IOCs and YARA rules for threat hunting.☆35Updated last week
- Research indicators and detection rules☆66Updated last year
- Collection of useful, up to date, Carbon Black Response Queries☆83Updated 4 years ago
- Yara Based Detection Engine for web browsers☆47Updated 3 years ago
- Cloud Templates and scripts to deploy mordor environments☆129Updated 4 years ago
- Community modules for FAME☆65Updated 4 months ago
- A VBA parser and emulation engine to analyze malicious macros.☆96Updated last week
- VSCode extension for the YARA pattern matching language☆64Updated last year
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- Invoke-LiveResponse☆148Updated 3 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Updated 6 years ago
- Extract BITS jobs from QMGR queue and store them as CSV records☆75Updated 3 months ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆65Updated 2 years ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆85Updated last month
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆73Updated last year
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- A collection of my public YARA signatures for various malware families☆29Updated 8 months ago