Pinned Repositories
100daysofYARA2024
Rules shared by the community from 100 Days of YARA 2024
Absolutely-Positively-NOT-Hacking-Back-with-Pcap
Streaming Unexpected Network Byte Sequences with High Probability of Blue Screening or Otherwise Crashing Attacker Command-and-Control Nodes
Cerebro
Scripts and lists to help generate YARA-friendly string mutations
ConventionEngine
ConventionEngine - A Yara Rulepack for PDB Path Hunting
Reversing-the-Reversing-of-the-TriStation-Protocol
"Reversing the Reversing of the TriStation Protocol" presented at SEC-T 0x0B in 2018
RonnieColemanYARAParser
An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
threat-research
Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
TriStation-Wireshark-Dissector
Basic Wireshark Lua dissector for TriStation Protocol
stvemillertime's Repositories
stvemillertime/ConventionEngine
ConventionEngine - A Yara Rulepack for PDB Path Hunting
stvemillertime/Cerebro
Scripts and lists to help generate YARA-friendly string mutations
stvemillertime/100daysofYARA2024
Rules shared by the community from 100 Days of YARA 2024
stvemillertime/DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
stvemillertime/100DaysofYARA-2023
Rules Shared by the Community from 100 Days of YARA 2023
stvemillertime/stvemillertime.github.io
bleep bloop
stvemillertime/100daysofYARA-2022
stvemillertime/apooxml
Generate YARA rules for OOXML documents.
stvemillertime/bitsofbinary.github.io
stvemillertime/CS7038-Malware-Analysis
Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)
stvemillertime/CyberThreatIntel
Analysis of malware and Cyber Threat Intel of APT and cybercriminal groups
stvemillertime/decompressingyara
For running Yara rules on malware samples stored in compressed files.
stvemillertime/embee-research-yara
stvemillertime/etwunhook
Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.
stvemillertime/halogen
Automatically create YARA rules from malicious documents.
stvemillertime/Hyara
Yara rule-making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)
stvemillertime/Kimsuky-Android-RAT-Client
stvemillertime/macos-ttps-yara
A ruleset to find potentially malicious code in macOS malware samples
stvemillertime/malpedia-flossed
FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.
stvemillertime/malware-yara
YARA rules for malware detection
stvemillertime/mlget
A golang CLI tool to download malware from a variety of sources.
stvemillertime/nodes
A collection of Synapse node files.
stvemillertime/Orion
A YARA rules repository continuously updated for monitoring old and new threats from articles, incident responses ...
stvemillertime/reportfolio
stvemillertime/Some-Blurbs
Archive of notable tweets and tweet threads.
stvemillertime/synapse-pluto
stvemillertime/yara-forge-docker
Run YARA Forge in a Docker container
stvemillertime/Yara-Jam-Sesh
An experimental YARA scanner package for process memory and files
stvemillertime/yara-language-nsfw
Lists of not-suitable-for-work words as YARA rules
stvemillertime/YARA-Performance-Guidelines
A guide on how to write fast and memory-friendly YARA rules