51. quincy: Implementation of the DIMVA 2017 publication "Quincy: Detecting Host-Based Code Injection Attacks in Memory Dumps"
53. S1EM: This project is a SIEM with SIRP and Threat Intel, all in one.
54. ClaMP: A malware classifier dataset built from the header field values of Portable Executable files
55. YaraRules: Multiple rules for yara-project to detect compilers, packers and protectors
56. ThreatHunting: This is just my personal compilation of APT malware from whitepaper releases, documents and malware samples from my personal research.
68. whohk: whohk, a powerful incident response tool for Linux. Incident response on Linux usually requires working through tedious command lines to inspect each point of interest, and sometimes the output has to be reformatted as well, which is unfriendly to people who are not very familiar with Linux commands. This tool collects the operations commonly used in Linux incident response and presents their output in a friendlier format, so that a single parameter replaces the tedious and complex commands otherwise needed to check each point.