792 Open source projects that are alternatives of or similar to Judge-Jury-and-Executable

Loki - Simple IOC and Incident Response Scanner

Enhanced version of dd for forensics and security

Yara Based Detection Engine for web browsers

Set of Yara rules for finding files using magics headers

Signature base for my scanner tools

A list of free and open forensics analysis tools and other resources

Yara scan Phishing Kit's Zip archive(s)

No description or website provided.

SIEM Tactics, Techiques, and Procedures

C# wrapper around the Yara pattern matching library

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

Exporting MISP event attributes to yara rules usable with Thor apt scanner

Signatures and IoCs from public Volexity blog posts.

Validates yara rules and tries to repair the broken ones.

Yara rules written by me, for free use.

Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

Random hunting ordiented yara rules

A curated list of awesome YARA rules, tools, and people.

A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

enpoint detection / live analysis & sandbox host / signatures quality test

Tools for hunting for threats.

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Recover files from damaged BTRFS filesystems

Tools for inspecting disk images

AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.

Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.

incident response scripts

Rootkit Detector for UNIX

The Python implementation of the AFF4 standard.

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/

Yara station is a management portal for Neo23x0-Loki. The mission is to transform the standalone nature of the Loki scanner into a centralized management solution that facilitates result investigation and easier scanning capabilities.

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.

YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.

Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)

Real-time Packet Observation Tool

Extract and aggregate threat intelligence.

Detect potentially malicious PHP files

Hacker tools on Go (Golang)

A toolkit for Security Researchers

Carve file metadata from NTFS index ($I30) attributes

Modular file scanning/analysis framework

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

Yet another implementation of PEiD with yara

Live system forensic collector

Personal document manager (Linux/Windows) -- Moved to Gnome's Gitlab

A program and toolset to analyze iDevice USB sessions

Gorecon is a All in one Reconnaissance Tool , a.k.a swiss knife for Reconnaissance , A tool that every pentester/bughunter might wanna consider into their arsenal

An interactive document scanner built in Python using OpenCV featuring automatic corner detection, image sharpening, and color thresholding.

Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

A list of useful payloads for Web Application Security and Pentest/CTF

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

an asynchronous target enumeration tool

The modular distributed fingerprinting engine

a scanner for QRCode barCode 最好用的ios二维码、条形码，扫描、生成框架，支持闪光灯，从相册获取，扫描音效等，高仿微信，微博