stellarbear / YaraSharp
C# wrapper around the Yara pattern matching library
☆34Updated 2 years ago
Related projects: ⓘ
- .NET wrapper for libyara built in C++ CLI used to easily incorporate yara into .NET projects☆49Updated last month
- An example pattern in C# for using WMI to monitor process creation and termination events.☆51Updated 6 years ago
- Framework for C# development☆66Updated this week
- A simple utility to list all methods of a given .NET Assembly and to invoke them☆71Updated 3 years ago
- CmdDesktopSwitch is a small utility that lists all windows desktops and provides the option to switch between them. This can be used to i…☆33Updated 8 years ago
- DotNext 2019 St. Petersburg Talk Demos☆36Updated 5 years ago
- ☆59Updated 2 months ago
- Simple DLL injector written in C#☆24Updated 8 years ago
- Lnk file parser☆78Updated 2 weeks ago
- ☆39Updated 10 months ago
- Implementation of the .NET Profiler DLL hijack in C#☆98Updated 5 years ago
- Dump certificates from PE files in different formats☆36Updated 8 months ago
- Win32 memory leak detector with ETW☆41Updated 6 years ago
- AlphaFS is a .NET library providing more complete Win32 file system functionality to the .NET platform than the standard System.IO classe…☆10Updated 3 years ago
- Bare template for a Kernel Mode Driver☆50Updated 4 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 7 years ago
- .NET executable packer☆55Updated 5 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆36Updated 2 months ago
- A manual system call library that supports functions from both ntdll.dll and win32u.dll☆107Updated last year
- JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.☆49Updated 3 years ago
- ☆59Updated this week
- My collection of unpackers for malware packers/crypters☆28Updated 7 years ago
- .NET instrumentation framework☆72Updated 6 years ago
- Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library.…☆90Updated 5 years ago
- .NET wrapper for dbghelp.dll☆21Updated 5 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆28Updated 3 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆39Updated 5 years ago
- Clone running process with ZwCreateProcess☆58Updated 3 years ago
- A multi-platform .Net wrapper library for the native Yara library.☆35Updated last year
- Learning Process Injection and Hollowing techniques☆39Updated 2 years ago