├── APT_SLUB_Backdoor.yara
├── MaliciousDLLGenerator.yara
├── README.md
├── apt_solarwinds_backdoor_encoded_strings.yara
├── apt_xdspy_xdupload.yara
├── hunt_capab_credentials_access.yara
├── hunt_creditcard_memscrap.yara
├── hunt_cve_2019_1458.yara
├── hunt_edr_discovery.yara
├── hunt_lsass_ntds_extension.yara
├── hunt_memory_evtmutehook.yara
├── hunt_mimikatz_dcsync.yara
├── hunt_mimikatz_zerologon.yar
├── hunt_procinj_instrcallback.yara
├── hunt_skyproj_backdoor.yara
├── hunt_sliver_go_framwwork.yara
├── hunt_susp_msoffice_addins_wxll.yara
├── hunt_susp_vhd.yara
├── hunt_trunc_nativesyscall_win10_64.yara
├── infinityhook.yara
├── kiwikey.yara
├── mimikatz_memssp_hookfn.yara
├── shad0w.yara
├── shad0w_beacon_16June.yara
├── shad0w_ldrhook.yara
├── susp_winsvc_upx.yara
├── tdl_loader_bootstrat_shellcode.yara
└── wow64log.yara


/APT_SLUB_Backdoor.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/APT_SLUB_Backdoor.yara


--------------------------------------------------------------------------------
/MaliciousDLLGenerator.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/MaliciousDLLGenerator.yara


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/README.md


--------------------------------------------------------------------------------
/apt_solarwinds_backdoor_encoded_strings.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/apt_solarwinds_backdoor_encoded_strings.yara


--------------------------------------------------------------------------------
/apt_xdspy_xdupload.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/apt_xdspy_xdupload.yara


--------------------------------------------------------------------------------
/hunt_capab_credentials_access.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_capab_credentials_access.yara


--------------------------------------------------------------------------------
/hunt_creditcard_memscrap.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_creditcard_memscrap.yara


--------------------------------------------------------------------------------
/hunt_cve_2019_1458.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_cve_2019_1458.yara


--------------------------------------------------------------------------------
/hunt_edr_discovery.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_edr_discovery.yara


--------------------------------------------------------------------------------
/hunt_lsass_ntds_extension.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_lsass_ntds_extension.yara


--------------------------------------------------------------------------------
/hunt_memory_evtmutehook.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_memory_evtmutehook.yara


--------------------------------------------------------------------------------
/hunt_mimikatz_dcsync.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_mimikatz_dcsync.yara


--------------------------------------------------------------------------------
/hunt_mimikatz_zerologon.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_mimikatz_zerologon.yar


--------------------------------------------------------------------------------
/hunt_procinj_instrcallback.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_procinj_instrcallback.yara


--------------------------------------------------------------------------------
/hunt_skyproj_backdoor.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_skyproj_backdoor.yara


--------------------------------------------------------------------------------
/hunt_sliver_go_framwwork.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_sliver_go_framwwork.yara


--------------------------------------------------------------------------------
/hunt_susp_msoffice_addins_wxll.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_susp_msoffice_addins_wxll.yara


--------------------------------------------------------------------------------
/hunt_susp_vhd.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_susp_vhd.yara


--------------------------------------------------------------------------------
/hunt_trunc_nativesyscall_win10_64.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/hunt_trunc_nativesyscall_win10_64.yara


--------------------------------------------------------------------------------
/infinityhook.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/infinityhook.yara


--------------------------------------------------------------------------------
/kiwikey.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/kiwikey.yara


--------------------------------------------------------------------------------
/mimikatz_memssp_hookfn.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/mimikatz_memssp_hookfn.yara


--------------------------------------------------------------------------------
/shad0w.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/shad0w.yara


--------------------------------------------------------------------------------
/shad0w_beacon_16June.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/shad0w_beacon_16June.yara


--------------------------------------------------------------------------------
/shad0w_ldrhook.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/shad0w_ldrhook.yara


--------------------------------------------------------------------------------
/susp_winsvc_upx.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/susp_winsvc_upx.yara


--------------------------------------------------------------------------------
/tdl_loader_bootstrat_shellcode.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/tdl_loader_bootstrat_shellcode.yara


--------------------------------------------------------------------------------
/wow64log.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/YaraHunts/HEAD/wow64log.yara


--------------------------------------------------------------------------------