stvemillertime

stvemillertime's Stars

• getreu/stringsext

  Find multi-byte-encoded strings in binary data (Gitlab mirror).

  Language:Rust1199

• stvemillertime/Cerebro

  Scripts and lists to help generate YARA friendly string mutations

  Language:YARA193

• 0xTriboulet/Revenant

  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework

  Language:C36942

• ald3ns/copy-as-yara

  This is a little plugin to copy disassembly in a way that is usable in YARA rules!

  Language:Python391

• mrphrazer/obfuscation_detection

  Binary Ninja plugin to identify obfuscated code and other interesting code constructs

  Language:Python58265

• xorhex/mlget

  A golang CLI tool to download malware from a variety of sources.

  Language:Go14120

• Neo23x0/YARA-Performance-Guidelines

  A guide on how to write fast and memory friendly YARA rules

  12818

• stvemillertime/100DaysofYARA-2023

  Rules Shared by the Community from 100 Days of YARA 2023

  Language:YARA1

• colincowie/100DaysOfYara_2023

  #100DaysOfYara is a challenge in which participants aim to create 100 Yara rules over the course of 100 days. This could involve creating new rules to identify previously unknown malware, or updating and improving existing rules.

  Language:YARA2

• sophos/yaraml_rules

  Security ML models encoded as Yara rules

  Language:Python21426

• StrangerealIntel/CyberThreatIntel

  Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups

  Language:JavaScript707136

• lsoumille/Yara_Merger

  Merge all Yara rules from official Yara github repository in one .yar file

  Language:Python2811

• hillu/go-yara

  Go bindings for YARA

  Language:Go363112

• stvemillertime/hashdb

  Assortment of hashing algorithms used in malware

  1

• aaronst/nodes

  A collection of Synapse node files.

  41

• LiveMirror/pcshare

  Language:C++7061

• plyara/plyara

  Parse YARA rules and operate over them more easily.

  Language:Python17539

• vivisect/vivisect

  Language:Python946188

• FuzzySecurity/WWHF-WayWest-2022

  382

• trustedsec/ELFLoader

  Language:C25445

• MortenSchenk/Token-Stealing-Shellcode

  Language:Assembly5128

• trendmicro/tlsh

  Language:Max757138

• ace-ecosystem/yara_scanner

  A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara...with additional capabilities.

  Language:Python188

• mbrengel/yarix

  Language:C5712

• tombonner/tbostrings

  Dump printable ASCII/UNICODE strings from a given file in a single pass.

  Language:C72

• taviso/loadlibrary

  Porting Windows Dynamic Link Libraries to Linux

  Language:C4.3k379

• boku7/azureOutlookC2

  Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.

  Language:C46596

• enkomio/RunDotNetDll

  A simple utility to list all methods of a given .NET Assembly and to invoke them

  Language:C#7111

• pwntester/ysoserial.net

  Deserialization payload generator for a variety of .NET formatters

  Language:C#3.3k480

• KasperskyLab/klara

  Kaspersky's GReAT KLara

  Language:PHP700138