Alternatives and similar repositories for YaraSharp

Users that are interested in YaraSharp are comparing it to the libraries listed below

• microsoft / libyara.NET
  .NET wrapper for libyara built in C++ CLI used to easily incorporate yara into .NET projects
  ☆55Updated 10 months ago
• wireless90 / ProcessInjector.NET
  Learning Process Injection and Hollowing techniques
  ☆41Updated 3 years ago
• secana / CertDump
  Dump certificates from PE files in different formats
  ☆38Updated last year
• airbus-cert / dnYara
  A multi-platform .Net wrapper library for the native Yara library.
  ☆38Updated last year
• enkomio / RunDotNetDll
  A simple utility to list all methods of a given .NET Assembly and to invoke them
  ☆74Updated 3 years ago
• bytecode77 / bytecode-api
  Framework for C# development
  ☆71Updated this week
• malcomvetter / WMIProcessWatcher
  An example pattern in C# for using WMI to monitor process creation and termination events.
  ☆52Updated 6 years ago
• djhohnstein / .NET-Profiler-DLL-Hijack
  Implementation of the .NET Profiler DLL hijack in C#
  ☆98Updated 6 years ago
• FuzzySecurity / Driver-Template
  Bare template for a Kernel Mode Driver
  ☆51Updated 5 years ago
• TheWover / ModuleMonitor
  Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…
  ☆41Updated 6 years ago
• Scavanger / MemoryModule.net
  Loading a native DLL in the memory.
  ☆69Updated 7 years ago
• friedkiwi / netcrypt
  .NET executable packer
  ☆63Updated 6 years ago
• herrcore / CmdDesktopSwitch
  CmdDesktopSwitch is a small utility that lists all windows desktops and provides the option to switch between them. This can be used to i…
  ☆35Updated 9 years ago
• ITAYC0HEN / SUNBURST-Cracked
  The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.
  ☆56Updated 4 years ago
• TheWover / EasyNet
  Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library.…
  ☆93Updated 6 years ago
• mandiant / jitm
  JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.
  ☆54Updated 4 years ago
• enkomio / Anathema
  .NET instrumentation framework
  ☆72Updated 7 years ago
• t3rabyt3-zz / Gozi
  Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.
  ☆65Updated 7 years ago
• secana / PeNet-Analyzer
  Analyzers for Portable Executable anomalies and other malware behavior.
  ☆32Updated last year
• CERT-Polska / dbglib
  ☆24Updated last year
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆57Updated 4 years ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆31Updated 4 years ago
• OmerYa / Named-Pipe-Sniffer
  Mario & Luigi - Tools for sniffing Windows Named Pipes communication
  ☆129Updated 8 years ago
• pigeonhands / FacelessDebugger
  .net debugger / msil interpreter / emulator
  ☆16Updated 6 years ago
• Washi1337 / ProxyObjects
  A Proof-of-Concept implementation for Proxy Object Obfuscation in .NET
  ☆48Updated 2 years ago
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆69Updated last year
• endgameinc / ClrGuard
  ☆217Updated 7 years ago
• marcin-chwedczuk / dll-inject
  Simple DLL injector written in C#
  ☆24Updated 9 years ago
• TheWover / Manager
  Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET
  ☆63Updated 5 years ago
• CodeCracker-Tools / Confuser-Methods-Decryptor
  ☆43Updated 8 years ago