This is a tool that allows you to offensively use YARA to apply a filter to the events being reported by windows event logging. Usage Grap the latest verison...
Tag - Yara
Kraken is a simple cross-platform Yara scanner that can be built for Windows, Mac, FreeBSD and Linux. It is primarily intended for incident response, research...
Scan files or process memory for Cobalt Strike beacons and parse their configuration. CobaltStrikeScan scans Windows process memory for evidence of DLL...
…a simple, self-contained modular host-based IOC scanner Spyre is a simple host-based IOC scanner built around the YARA pattern matching engine and other...
IRFuzz is a simple scanner with yara rules for document archives or any files. Install 1. Prerequisites Linux or OS X Yara: just use the latest release source...
SGN is a polymorphic binary encoder for offensive security purposes such as generating statically undetecable binary payloads. It uses a additive feedback loop...
Fenrir is a simple IOC scanner bash script. It allows scanning Linux/Unix/OSX systems for the following Indicators of Compromise (IOCs): Hashes MD5, SHA1 and...
stoQ is a automation framework that helps to simplify the more mundane and repetitive tasks an analyst is required to do. It allows analysts and DevSecOps...
Use this IDA python plugin to scan your binary with yara rules. All the yara rule matches will be listed with their offset so you can quickly hop to them! All...
Ever wanted to turn your AV console into an Incident Response & Threat Hunting machine? Rastrea2r (pronounced “rastreador” – hunter- in...