stairwell-inc / threat-researchLinks
Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
☆22Updated last year
Alternatives and similar repositories for threat-research
Users that are interested in threat-research are comparing it to the libraries listed below
Sorting:
- Python 3 library to build YARA rules.☆13Updated 3 years ago
- Python based CLI for MalwareBazaar☆37Updated 7 months ago
- Steezy - Ghetto Yara Generation☆15Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- Yara rules☆21Updated 2 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34Updated 4 years ago
- Repository of Yara rules created by the Stratosphere team☆26Updated 3 years ago
- NTFS file system specimens☆13Updated last year
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Updated 4 years ago
- Reads and prints information from the website MalAPI.io☆19Updated 2 years ago
- Low budget VirusTotal Intelligence Cosplay☆20Updated 3 years ago
- ☆24Updated 2 years ago
- ☆34Updated 2 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing☆21Updated 2 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆43Updated 2 years ago
- ☆15Updated 3 years ago
- YARA Rule Strings Statistics Calculator and Malware Research Helper☆13Updated 3 years ago
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 4 months ago
- Generates YARA rules to detect malware using API hashing☆17Updated 4 years ago
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- A collection of my public YARA signatures for various malware families☆29Updated 8 months ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year
- ☆22Updated 2 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 3 years ago
- ☆21Updated 2 months ago
- Collection of scripts used to analyse malware or emails☆19Updated 4 years ago
- Repository for scripts and tips for "Yara Scan Service"☆20Updated 2 years ago