capa-rules
Capabilities detector
A standard collection of rules for identifying capabilities in programs
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
549 stars
23 watching
164 forks
last commit: 11 months ago Related projects:
| Repository | Description | Stars |
|---|---|---|
| mandiant/capa | An executable file analysis tool that identifies capabilities and potential malicious behaviors. | 4,944 |
| mandiant/mandiant-azure-ad-investigator | A PowerShell module designed to detect potential security threats in Azure AD environments | 617 |
 trancee/capacitor-google-mlkit-vision | An app for on-device face detection using machine learning | 13 |
 tdahlmann/canpp | A comprehensive software framework for designing, simulating, analyzing and interacting with CAN bus networks | 44 |
 zjlywjh001/can_omega | A tool for hacking and analyzing car CAN bus systems | 44 |
 neo23x0/rules | A centralized repository of Yara rules for detecting malware and other malicious activities. | 10 |
 gaul/modernizer-maven-plugin | Detects uses of legacy Java APIs in source code to recommend modern alternatives. | 379 |
 cap-go/capacitor-mute | A plugin to detect if a device's mute switch is enabled or disabled | 6 |
 aleksibovellan/opnsense-suricata-nmaps | Customized Suricata detection rules to identify NMAP scan types | 59 |
 junker/mobiledetect | A system for detecting mobile devices in user agent strings using patterns and regular expressions. | 4 |
 zhangludl/code-and-dataset-for-capsal | Provides code and datasets for a saliency object detection method that leverages captioning to improve accuracy | 50 |
 travisbgreen/hunting-rules | Provides Suricata IDS alert rules for detecting network anomalies | 154 |
 chronicle/detection-rules | A collection of YARA-L 2.0 sample rules and dashboards for threat detection in Google Security Operations | 326 |
 seeeddocument/usb-can-analyzer | An adapter that enables communication between a CAN bus device and a computer via USB. | 102 |
 mostaphabahadou/postenum | Automates system information gathering after gaining access to a Linux system. | 281 |