stairwell-inc / threat-researchLinks
Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
☆23Updated last year
Alternatives and similar repositories for threat-research
Users that are interested in threat-research are comparing it to the libraries listed below
Sorting:
- Yara rules☆22Updated 2 years ago
- Python based CLI for MalwareBazaar☆37Updated last month
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34Updated 4 years ago
- Python emulator for Excel XLM macros.☆18Updated 5 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 5 years ago
- VirusTotal Intelligence Search☆38Updated 5 years ago
- D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit☆29Updated 2 months ago
- ☆34Updated 2 years ago
- ☆15Updated 3 years ago
- Repository for scripts and tips for "Yara Scan Service"☆20Updated 2 years ago
- Low budget VirusTotal Intelligence Cosplay☆20Updated 3 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- Standardized Malware Analysis Tool☆53Updated 4 years ago
- A multi-threaded malware sample downloader based upon given MD-5/SHA-1/SHA-256 hashes, using multiple malware databases.☆30Updated 2 years ago
- A collection of my public YARA signatures for various malware families☆29Updated 11 months ago
- Generates YARA rules to detect malware using API hashing☆17Updated 4 years ago
- Collection of scripts used to analyse malware or emails☆20Updated 4 years ago
- Python 3 library to build YARA rules.☆13Updated 3 years ago
- Yara rules written by me, for free use.☆19Updated 3 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 4 years ago
- A script that extracts embedded images from Office Open XML (OOXML) documents and generates image hash similarity graphs that cluster vis…☆21Updated 3 years ago
- MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi…☆15Updated last year
- Collection of YARA signatures from individual research☆44Updated last year
- Script to pull newly-registered domains and check for similarity against a provided word list.☆13Updated 5 years ago
- Malware similarity platform with modularity in mind.☆78Updated 4 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆44Updated 4 years ago
- NTFS file system specimens☆13Updated 2 years ago
- Reads and prints information from the website MalAPI.io☆19Updated 3 years ago