Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Updated
Jun 20, 2024 - C
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
A tool to cluster similar executables (PEs, DEXs, etc.), extract a common signature, and generate YARA patterns for malware detection.
Rootkit spotter - experimental Linux rootkit finder LKM
Rootkit breaker - experimental Linux anti-rootkit tool based on kprobes
Anti-Ransomware Detection Tool
This is a virus removal (protection) tool for a virus commonly known as the "Dulla virus" and, several weeks later, named Win32.Agent.cb by A/V vendors. Motivation for the work: even though this PE infector is very dangerous and was stealthily spreading fast, the major A/V companies failed to respond to this threat. Hence, I needed to make my own removal and prot…
Security Aware Linux Scheduler
Experimental program that detects files & directories hidden by Linux trojans/rootkits
THAMARA - Threat Hunting with AMSI and YARA
A toolchain for ELF executables and malware, containing a standalone loader, file stripper, obfuscator for internal structure and a sophisticated packer
Testing samples for malware analysis testing
Simple Android daemon for detecting malware in runtime