GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → mandiant → ThreatPursuit-VM

mandiant / ThreatPursuit-VM

Licence: other
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

Programming Languages

powershell
5483 projects
autohotkey
350 projects
Batchfile
5799 projects

Labels

data-scienceintelligenceanalyticsvirtual-machinemalwarethreatcyberfireeyeintelligence-analysismandiantthreatintelligencethreathunting

Projects that are alternatives of or similar to ThreatPursuit-VM

Threatpursuit Vm
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
Stars: ✭ 814 (-21.2%)
Mutual labels:  intelligence, virtual-machine, malware, threat
Intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Stars: ✭ 611 (-40.85%)
Mutual labels:  intelligence, malware, threat
Opencti
Authors
Stars: ✭ 2,165 (+109.58%)
Mutual labels:  intelligence, cyber
Simplify
Android virtual machine and deobfuscator
Stars: ✭ 3,865 (+274.15%)
Mutual labels:  virtual-machine, malware
Reverse Engineering Tutorial
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 5,763 (+457.89%)
Mutual labels:  malware, cyber
Pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Stars: ✭ 2,026 (+96.13%)
Mutual labels:  virtual-machine, malware
Aptmap
A map displaying threat actors from the misp-galaxy
Stars: ✭ 17 (-98.35%)
Mutual labels:  intelligence, threat
MurMurHash
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-92.35%)
Mutual labels:  threatintelligence, threathunting
ShitVM
가벼운 가상머신
Stars: ✭ 14 (-98.64%)
Mutual labels:  virtual-machine
TWVM
A tiny, lightweight and efficient WebAssembly virtual machine.
Stars: ✭ 105 (-89.84%)
Mutual labels:  virtual-machine
rawsec-cybersecurity-inventory
An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
Stars: ✭ 153 (-85.19%)
Mutual labels:  cyber
ConTroll Remote Access Trojan
Created a VERY SIMPLE remote access Trojan that will establish administrative control over any windows machine it compromises.
Stars: ✭ 69 (-93.32%)
Mutual labels:  malware
ArminC-uBlock-Settings
⚙️ ArminC's settings for uBlock₀ - remove most of the ads, pop-ups and trackers.
Stars: ✭ 24 (-97.68%)
Mutual labels:  malware
yara
Malice Yara Plugin
Stars: ✭ 27 (-97.39%)
Mutual labels:  malware
Arduino-Shell
RPN Postscript/Forth Command Shell for Arduino
Stars: ✭ 19 (-98.16%)
Mutual labels:  virtual-machine
SBTCVM-Gen2-9
SBTCVM is a virtual machine implementation of a balanced ternary (base 3) computer. Features several compiled languages for ternary software development.
Stars: ✭ 32 (-96.9%)
Mutual labels:  virtual-machine
misp-packer
Build Automated Machine Images for MISP
Stars: ✭ 25 (-97.58%)
Mutual labels:  virtual-machine
mima
MIninmal MAchine Assembler and Simulator
Stars: ✭ 19 (-98.16%)
Mutual labels:  virtual-machine
vm
The mm-ADT Virtual Machine
Stars: ✭ 29 (-97.19%)
Mutual labels:  virtual-machine
fame modules
Community modules for FAME
Stars: ✭ 55 (-94.68%)
Mutual labels:  malware
View All Similar Projects ➔ 
      __   __                         __      
    _/  |_|  |_________  ____ _____ _/  |_    
    \   __|  |  \_  __ _/ __ \\__  \\   __\   
     |  | |   Y  |  | \\  ___/ / __ \|  |     
     |__| |___|  |__|   \___  (____  |__|     
     ______  __ _________ ________ __|___/  |
     \____ \|  |  \_  __ /  ___|  |  |  \   __\
     |  |_> |  |  /|  | \\___ \|  |  |  ||  |
     |   __/|____/ |__| /____  |____/|__||__|
     |__|                    \/

            MANDIANT THREAT INTELLIGENCE VM
                   Version 2020.1
              [email protected]

                     Created by:
                     Dan Kennedy
              Jake Barteaux @day1player
          Blaine Stancill @MalwareMechanic
                     Nhan Huynh
      Front Line Advanced Research and Expertise

Pre-Requisites

Google Chrome Browser

Oracle Java SE 11 or Greater

Installation (Install Script)

Requirements

Recommended

  • Windows 10 1903
  • 120+ GB Hard Drive
  • 8+ GB RAM
  • 1 network adapters
  • 1024mb Graphics Card Memory
  • Enable Virtualization support for VM (Required for Docker)

Known Issues

Using Oracle Virtualbox as the virtualisation software running from a Windows 10 physical host, will cause issues with the Docker install. There is currently no workaround other than using VMware Player or VMware Workstation.

Instructions

Standard install

  1. Create and configure a new Windows Virtual Machine
  2. Ensure VM is updated completely. You may have to check for updates, reboot, and check again until no more remain
  3. Take a snapshot of your machine!
  4. Download and copy install.ps1 on your newly configured machine.
  5. Open PowerShell as an Administrator
  6. Unblock the install file by running Unblock-File .\install.ps1
  7. Enable script execution by running Set-ExecutionPolicy Unrestricted -f
  8. Finally, execute the installer script as follows: .\install.ps1 You can also pass your password as an argument: .\install.ps1 -password The script will set up the Boxstarter environment and proceed to download and install the ThreatPursuit VM environment. You will be prompted for the administrator password in order to automate host restarts during installation. If you do not have a password set, hitting enter when prompted will also work.

Installed Tools

Development, Analytics and Machine Learning

  • Shogun
  • Tensorflow
  • Pytorch
  • Rstudio
  • RTools
  • Darwin
  • Keras
  • Apache Spark
  • Elasticsearch
  • Kibana
  • Apache Zeppelin
  • Jupyter Notebook
  • MITRE Caret
  • Python (x64)

Visualisation

  • Constellation
  • Neo4J
  • CMAP

Triage, Modelling & Hunting

  • MISP
  • OpenCTI
  • Maltego
  • Splunk
  • Microsoft MSTIC Jupyter and Python Security Tools
  • MITRE ATT&CK Navigator
  • Cortex Analyzer
  • Greynoise API and GNQL
  • threatcrowd API
  • threatcmd
  • ViperMonkey
  • Threat Hunters Playbook
  • MITRE TRAM
  • SIGMA
  • YETI
  • Azure Zentinel
  • AMITT Framework

Adversarial Emulation

  • MITRE Calderra
  • Red Canary ATOMIC Red Team
  • Mordor Re-play Adversarial Techniques
  • MITRE Caltack Plugin
  • APTSimulator
  • FlightSim

Information Gathering

  • Maltego
  • nmap
  • intelmq
  • dnsrecon
  • orbit
  • FOCA

Utilities and Links

  • CyberChef
  • KeepPass
  • FLOSS
  • peview
  • VLC
  • AutoIt3
  • Chrome
  • OpenVPN
  • Sublime
  • Notepad++
  • Docker Desktop
  • HxD
  • Sysinternals
  • Putty
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].