Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
☆23 · Jan 31, 2024 · Updated 2 years ago
Alternatives and similar repositories for threat-research
Users that are interested in threat-research are comparing it to the libraries listed below.
- Steezy - Ghetto Yara Generation ☆15 · Mar 27, 2023 · Updated 3 years ago
- Low budget VirusTotal Intelligence Cosplay ☆20 · Jan 6, 2022 · Updated 4 years ago
- Python 3 library to build YARA rules. ☆13 · Oct 24, 2021 · Updated 4 years ago
- function identification signatures ☆12 · Apr 26, 2021 · Updated 5 years ago
- My collection of scripts for Ghidra (https://github.com/NationalSecurityAgency/ghidra) ☆10 · Sep 13, 2020 · Updated 5 years ago
- Generates YARA rules to detect malware using API hashing ☆17 · Mar 16, 2021 · Updated 5 years ago
- YARI is an interactive debugger for YARA Language. ☆90 · Sep 10, 2025 · Updated 8 months ago
- ☆23 · Mar 17, 2024 · Updated 2 years ago
- ☆23 · Dec 15, 2022 · Updated 3 years ago
- A collection of shellcode hashes ☆17 · Aug 15, 2018 · Updated 7 years ago
- Imphash-like calculation on Golang binaries ☆50 · Jul 2, 2022 · Updated 3 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses ☆60 · Jan 18, 2023 · Updated 3 years ago
- This is a little plugin to copy disassembly in a way that is usable in YARA rules! ☆48 · Apr 14, 2025 · Updated last year
- Synapse Rapid Power-up for SinkDB ☆11 · Jun 24, 2025 · Updated 10 months ago
- The Multiplatform Linux Sandbox ☆16 · Dec 19, 2023 · Updated 2 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing ☆24 · May 29, 2023 · Updated 2 years ago
- Easily scan with multiple yara rules from different sources. ☆14 · Mar 9, 2024 · Updated 2 years ago
- Very loud vBulletin exploit ☆14 · Aug 12, 2020 · Updated 5 years ago
- ☆16 · Apr 30, 2024 · Updated 2 years ago
- Private Search Set (PSS) is an extension to standard Bloom filter or a standalone hash file to describe and share private set. ☆16 · Jan 10, 2025 · Updated last year
- Random hunting oriented yara rules ☆96 · Mar 27, 2023 · Updated 3 years ago
- Script to pull newly-registered domains and check for similarity against a provided word list. ☆13 · Aug 2, 2020 · Updated 5 years ago
- Repository for scripts and tips for "Yara Scan Service" ☆20 · Feb 19, 2023 · Updated 3 years ago
- Splunk integration with MISP ☆12 · Apr 14, 2018 · Updated 8 years ago
- Can you pay the ransom in your country? ☆14 · Dec 18, 2023 · Updated 2 years ago
- This repository regroups the Yara Rules for the Unprotect Project ☆26 · Nov 19, 2020 · Updated 5 years ago
- A guide on how to write fast and memory friendly YARA rules ☆169 · Feb 11, 2025 · Updated last year
- AIL project training materials ☆39 · Apr 21, 2026 · Updated 2 weeks ago
- A tool to help malware analysts signature unique parts of RTF documents ☆28 · Jan 5, 2026 · Updated 4 months ago
- CERTITUDE - A python package to classify malicious URLs ☆20 · May 16, 2022 · Updated 3 years ago
- Scan outlook inbox with yara rules, APIs and IOCs ☆14 · Aug 3, 2018 · Updated 7 years ago
- Rules Shared by the Community from 100 Days of YARA 2023 ☆78 · Apr 12, 2023 · Updated 3 years ago
- Yara rules ☆21 · Mar 27, 2023 · Updated 3 years ago
- Gather information on Wiki contributions from IP ranges ☆23 · Jan 21, 2018 · Updated 8 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner ☆25 · Mar 27, 2017 · Updated 9 years ago
- Python bindings for the Zydis disassembler library ☆17 · Jul 2, 2019 · Updated 6 years ago
- Signatures and IoCs from public Volexity blog posts. ☆367 · Dec 4, 2025 · Updated 5 months ago
- Tool to rip system and user data from OSX and macOS ☆16 · Dec 6, 2022 · Updated 3 years ago
- Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready". ☆14 · Jul 12, 2021 · Updated 4 years ago