Loki: Loki - Simple IOC and Incident Response Scanner
Stars: ✭ 2,217 (+3259.09%)
dcfldd: Enhanced version of dd for forensics and security
Stars: ✭ 27 (-59.09%)
Yobi: Yara Based Detection Engine for web browsers
Stars: ✭ 39 (-40.91%)
yara-forensics: Set of Yara rules for finding files using magic headers
Stars: ✭ 115 (+74.24%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+1736.36%)
ForensicsTools: A list of free and open forensics analysis tools and other resources
Stars: ✭ 392 (+493.94%)
Siem: SIEM Tactics, Techniques, and Procedures
Stars: ✭ 157 (+137.88%)
YaraSharp: C# wrapper around the Yara pattern matching library
Stars: ✭ 29 (-56.06%)
pyarascanner: A simple many-rules to many-files YARA scanner for incident response or malware zoos.
Stars: ✭ 23 (-65.15%)
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Stars: ✭ 999 (+1413.64%)
yara-exporter: Exporting MISP event attributes to yara rules usable with Thor apt scanner
Stars: ✭ 22 (-66.67%)
threat-intel: Signatures and IoCs from public Volexity blog posts.
Stars: ✭ 130 (+96.97%)
yara-validator: Validates yara rules and tries to repair the broken ones.
Stars: ✭ 37 (-43.94%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-80.3%)
static file analysis: In-depth analysis of files (doc, pdf, exe, ...), including embedded file(s), with clamscan and yara rules
Stars: ✭ 34 (-48.48%)
YaraHunts: Random hunting-oriented yara rules
Stars: ✭ 86 (+30.3%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+2012.12%)
Yara Rules: A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Stars: ✭ 206 (+212.12%)
irma: endpoint detection / live analysis & sandbox host / signatures quality test
Stars: ✭ 25 (-62.12%)
Threathunting: Tools for hunting for threats.
Stars: ✭ 153 (+131.82%)
Owlyshield: Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Stars: ✭ 281 (+325.76%)
MindMaps: #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+239.39%)
btrfscue: Recover files from damaged BTRFS filesystems
Stars: ✭ 28 (-57.58%)
vminspect: Tools for inspecting disk images
Stars: ✭ 25 (-62.12%)
Php Antimalware Scanner: AMWScan (PHP Antimalware Scanner) is a free tool to scan PHP files and analyze your project to find any malicious code inside it.
Stars: ✭ 181 (+174.24%)
ingest-file: Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.
Stars: ✭ 40 (-39.39%)
ir scripts: incident response scripts
Stars: ✭ 17 (-74.24%)
lsrootkit: Rootkit Detector for UNIX
Stars: ✭ 53 (-19.7%)
pyaff4: The Python implementation of the AFF4 standard.
Stars: ✭ 37 (-43.94%)
hashlookup-forensic-analyser: Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
Stars: ✭ 43 (-34.85%)
YaraStation: Yara station is a management portal for Neo23x0-Loki. The mission is to transform the standalone nature of the Loki scanner into a centralized management solution that facilitates result investigation and easier scanning capabilities.
Stars: ✭ 25 (-62.12%)
Dnstwist: Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+4633.33%)
ThreatKB: Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (+3.03%)
factual-rules-generator: Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Stars: ✭ 62 (-6.06%)
yarasploit: YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
Stars: ✭ 31 (-53.03%)
Hyara: Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)
Stars: ✭ 142 (+115.15%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-42.42%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+565.15%)
Gohacktools: Hacker tools on Go (Golang)
Stars: ✭ 1,303 (+1874.24%)
INDXRipper: Carve file metadata from NTFS index ($I30) attributes
Stars: ✭ 32 (-51.52%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+648.48%)
Meerkat: A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
Stars: ✭ 284 (+330.3%)
PEiD: Yet another implementation of PEiD with yara
Stars: ✭ 12 (-81.82%)
Packrat: Live system forensic collector
Stars: ✭ 16 (-75.76%)
Paperwork: Personal document manager (Linux/Windows) -- Moved to Gnome's Gitlab
Stars: ✭ 2,392 (+3524.24%)
demuxusb: A program and toolset to analyze iDevice USB sessions
Stars: ✭ 25 (-62.12%)
Gorecon: Gorecon is an all-in-one reconnaissance tool, a.k.a. a Swiss knife for reconnaissance, a tool that every pentester/bughunter might want to consider adding to their arsenal
Stars: ✭ 208 (+215.15%)
Opencv Document Scanner: An interactive document scanner built in Python using OpenCV featuring automatic corner detection, image sharpening, and color thresholding.
Stars: ✭ 213 (+222.73%)
IAT API: Assembly block for finding and calling the Windows API functions inside the import address table (IAT) of the running PE file.
Stars: ✭ 63 (-4.55%)
evtx-hunter: evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (+84.85%)
Berserker: A list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (+221.21%)
Pentest Tools Framework: Pentest Tools Framework is a database of exploits, scanners and tools for penetration testing. Pentest is a powerful framework that includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
Stars: ✭ 211 (+219.7%)
prowler: Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+12090.91%)
Bscan: an asynchronous target enumeration tool
Stars: ✭ 207 (+213.64%)
Scannerl: The modular distributed fingerprinting engine
Stars: ✭ 208 (+215.15%)
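ZZYQRCode: a scanner for QRCode and barcode. The easiest-to-use iOS QR code and barcode scanning and generation framework; supports the flashlight, picking from the photo album, scan sound effects and more; a close imitation of WeChat and Weibo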
Stars: ✭ 124 (+87.88%)