stairwell-inc / threat-research
Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
☆23 | Jan 31, 2024 | Updated 2 years ago
Alternatives and similar repositories for threat-research
Users that are interested in threat-research are comparing it to the libraries listed below
- Steezy - Ghetto Yara Generation | ☆15 | Mar 27, 2023 | Updated 2 years ago
- Low budget VirusTotal Intelligence Cosplay | ☆20 | Jan 6, 2022 | Updated 4 years ago
- function identification signatures | ☆12 | Apr 26, 2021 | Updated 4 years ago
- Python 3 library to build YARA rules. | ☆13 | Oct 24, 2021 | Updated 4 years ago
- Script to pull newly-registered domains and check for similarity against a provided word list. | ☆13 | Aug 2, 2020 | Updated 5 years ago
- ☆23 | Mar 17, 2024 | Updated last year
- Easily scan with multiple yara rules from different sources. | ☆14 | Mar 9, 2024 | Updated last year
- YARI is an interactive debugger for YARA Language. | ☆89 | Sep 10, 2025 | Updated 5 months ago
- Very loud vBulletin exploit | ☆14 | Aug 12, 2020 | Updated 5 years ago
- Generates YARA rules to detect malware using API hashing | ☆17 | Mar 16, 2021 | Updated 4 years ago
- Python bindings for the Zydis disassembler library | ☆17 | Jul 2, 2019 | Updated 6 years ago
- AIL project training materials | ☆39 | Jul 17, 2025 | Updated 7 months ago
- Gather information on Wiki contributions from IP ranges | ☆23 | Jan 21, 2018 | Updated 8 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses | ☆60 | Jan 18, 2023 | Updated 3 years ago
- ☆16 | Apr 30, 2024 | Updated last year
- ☆23 | Dec 15, 2022 | Updated 3 years ago
- Repository for scripts and tips for "Yara Scan Service" | ☆20 | Feb 19, 2023 | Updated 2 years ago
- This is a little plugin to copy disassembly in a way that is usable in YARA rules! | ☆48 | Apr 14, 2025 | Updated 10 months ago
- This repository regroups the Yara Rules for the Unprotect Project | ☆26 | Nov 19, 2020 | Updated 5 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing | ☆25 | May 29, 2023 | Updated 2 years ago
- Taranis NG is an OSINT gathering and analysis tool for CSIRT teams and organisations. It allows team-to-team collaboration, and contains … | ☆10 | Oct 17, 2023 | Updated 2 years ago
- Build Automated Machine Images for MISP | ☆29 | Jun 9, 2023 | Updated 2 years ago
- Yara rules | ☆22 | Mar 27, 2023 | Updated 2 years ago
- Imphash-like calculation on Golang binaries | ☆49 | Jul 2, 2022 | Updated 3 years ago
- A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox | ☆11 | Apr 3, 2016 | Updated 9 years ago
- Python framework to solve crypto problems using grainofsalt and cryptominisat | ☆14 | May 24, 2022 | Updated 3 years ago
- Passive DNS server interface compliant to "Common Output Format" | ☆10 | Sep 19, 2016 | Updated 9 years ago
- A Python client for the Global CVE Allocation System. | ☆17 | Jan 31, 2026 | Updated 2 weeks ago
- ☆24 | Sep 28, 2022 | Updated 3 years ago
- A tool to help malware analysts signature unique parts of RTF documents | ☆29 | Jan 5, 2026 | Updated last month
- 🖼 imgify - Convert any file to PNG and back. | ☆13 | Oct 20, 2025 | Updated 3 months ago
- [ARCHIVED -- USE TXT2DETECTION] A command line tool that converts Sigma Rules into STIX 2.1 Objects. | ☆12 | Jan 13, 2025 | Updated last year
- Synapse Rapid Power-up for SinkDB | ☆11 | Jun 24, 2025 | Updated 7 months ago
- A collection of my public YARA signatures for various malware families | ☆30 | Sep 20, 2024 | Updated last year
- Tool for automatic list generation of known TOR and VPN exit nodes | ☆29 | Dec 21, 2023 | Updated 2 years ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists | ☆35 | Jan 8, 2026 | Updated last month
- Rules Shared by the Community from 100 Days of YARA 2023 | ☆78 | Apr 12, 2023 | Updated 2 years ago
- Plugins for the Viper Framework | ☆14 | Sep 21, 2019 | Updated 6 years ago
- #️⃣ 🕸️ 👤 HTTP Headers Hashing | ☆13 | Aug 27, 2023 | Updated 2 years ago