y3n11 / CaptainLinks
Userland API monitor for threat hunting
☆58Updated 5 years ago
Alternatives and similar repositories for Captain
Users that are interested in Captain are comparing it to the libraries listed below
Sorting:
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆44Updated 4 years ago
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- ☆27Updated 3 years ago
- Documentation and parsers for different anti-virus quarantine formats.☆42Updated 4 years ago
- Random hunting ordiented yara rules☆97Updated 2 years ago
- ☆15Updated 3 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- ☆34Updated 2 years ago
- This is a repository that is meant to hold detections for various process injection techniques.☆34Updated 5 years ago
- Standardized Malware Analysis Tool☆53Updated 4 years ago
- Manipulate timestamps on NTFS☆52Updated 10 years ago
- A set of tools for collecting forensic information☆26Updated 5 years ago
- Unpacking and decryption tools for the Emotet malware☆45Updated 3 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆38Updated 2 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆67Updated 3 years ago
- ☆33Updated 3 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆95Updated 2 years ago
- Imphash-like calculation on Golang binaries☆49Updated 3 years ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 2 years ago
- Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way☆18Updated 3 years ago
- Merge all Yara rules from official Yara github repository in one .yar file☆30Updated 7 years ago
- Code and Slides of my BSides London 2019 presentation about Attacker Emulation using CALDERA☆23Updated 6 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- Malware similarity platform with modularity in mind.☆78Updated 4 years ago
- VSCode extension for the YARA pattern matching language☆64Updated last year
- Scans a malware file and lists down the related MBC (Malware Behavior Catalog) details.☆22Updated 3 years ago
- ☆45Updated 2 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆73Updated 3 years ago