pyarascanner (23 stars): A simple many-rules to many-files YARA scanner for incident response or malware zoos.
yara-exporter (22 stars): Exports MISP event attributes to YARA rules usable with the THOR APT scanner.
Intelmq (611 stars): IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Wazuh Chef (9 stars): Wazuh Chef cookbooks.
Threatingestor (439 stars): Extract and aggregate threat intelligence.
Fame (663 stars): FAME Automates Malware Evaluation.
Operation Wocao (29 stars): Operation Wocao Indicators of Compromise.
Multiscanner (494 stars): Modular file scanning/analysis framework.
Historicprocesstree (46 stars): An incident response tool that visualizes historic process execution evidence (based on Event ID 4688, the Process Creation event) in a tree view.
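The tree-view technique behind the Historicprocesstree entry, as an added example (not the project's own code): rebuild parent/child lineage from Event ID 4688 records by linking each new process to the creator PID's most recent creation event, which is what keeps a reused PID from being attached to the wrong parent. The records below are constructed; field names follow the 4688 EventData names (NewProcessId, NewProcessName, ProcessId as the creator PID, CommandLine), and parsing the .evtx or CSV export into dicts like these is assumed to have happened already.

```python
"""Rebuild a historic process tree from Windows Security Event ID 4688 records.

Constructed example, not HistoricProcessTree's own code. Field names follow
the 4688 EventData names (NewProcessId, NewProcessName, ProcessId = creator
PID, CommandLine); PIDs are hexadecimal strings as Windows writes them. The
.evtx/CSV export is assumed to have been parsed into dicts like these already.
"""
import ntpath
from collections import defaultdict
from datetime import datetime

# Constructed 4688 records: an Office document spawning cmd -> PowerShell,
# then an hour later the same PID (0x2b0) reused by an unrelated notepad.exe.
SAMPLE_4688 = [
    {"TimeCreated": "2023-01-10T08:00:00", "NewProcessId": "0x1a4",
     "NewProcessName": "C:\\Windows\\explorer.exe", "ProcessId": "0x100",
     "CommandLine": "explorer.exe"},
    {"TimeCreated": "2023-01-10T08:01:00", "NewProcessId": "0x2b0",
     "NewProcessName": "C:\\Program Files\\Microsoft Office\\WINWORD.EXE",
     "ProcessId": "0x1a4", "CommandLine": "WINWORD.EXE invoice.docm"},
    {"TimeCreated": "2023-01-10T08:01:30", "NewProcessId": "0x3c8",
     "NewProcessName": "C:\\Windows\\System32\\cmd.exe", "ProcessId": "0x2b0",
     "CommandLine": "cmd.exe /c start /b powershell.exe"},
    {"TimeCreated": "2023-01-10T08:01:31", "NewProcessId": "0x4d0",
     "NewProcessName": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "ProcessId": "0x3c8", "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgA"},
    {"TimeCreated": "2023-01-10T09:00:00", "NewProcessId": "0x2b0",
     "NewProcessName": "C:\\Windows\\System32\\notepad.exe", "ProcessId": "0x1a4",
     "CommandLine": "notepad.exe"},
    {"TimeCreated": "2023-01-10T09:00:05", "NewProcessId": "0x5e8",
     "NewProcessName": "C:\\Windows\\System32\\calc.exe", "ProcessId": "0x2b0",
     "CommandLine": "calc.exe"},
]


class ProcNode:
    """One process creation event, linked into the tree."""

    def __init__(self, event):
        self.pid = int(event["NewProcessId"], 16)
        self.parent_pid = int(event["ProcessId"], 16)
        self.name = event["NewProcessName"]
        self.cmdline = event.get("CommandLine", "")
        self.started = datetime.fromisoformat(event["TimeCreated"])
        self.parent = None
        self.children = []

    @property
    def basename(self):
        # ntpath handles Windows separators even when run on Linux/macOS.
        return ntpath.basename(self.name)


def build_process_tree(events):
    """Return the root nodes of the reconstructed tree (time-ordered)."""
    nodes = sorted((ProcNode(e) for e in events), key=lambda n: n.started)
    seen = defaultdict(list)  # pid -> its creation events, in time order
    roots = []
    for node in nodes:
        # PID reuse: the parent is the latest creation of the creator PID
        # that precedes this start; a later reuse of that PID cannot be it.
        candidates = [p for p in seen[node.parent_pid] if p.started <= node.started]
        if candidates:
            node.parent = candidates[-1]
            node.parent.children.append(node)
        else:
            roots.append(node)  # creator predates the log window or was never logged
        seen[node.pid].append(node)
    return roots


def ancestry(node):
    """Process names from the root down to this node."""
    chain = []
    while node is not None:
        chain.append(node.basename)
        node = node.parent
    return chain[::-1]


def walk(roots):
    for node in roots:
        yield node
        yield from walk(node.children)


def find_by_cmdline(roots, needle):
    return next((n for n in walk(roots) if needle in n.cmdline), None)


def render_tree(roots, depth=0):
    """Indented text rendering, one line per process creation."""
    lines = []
    for n in roots:
        lines.append("%s[%s] pid=%d %s  %s" % ("  " * depth, n.started.strftime("%H:%M:%S"),
                                                n.pid, n.basename, n.cmdline))
        lines.extend(render_tree(n.children, depth + 1))
    return lines


if __name__ == "__main__":
    print("\n".join(render_tree(build_process_tree(SAMPLE_4688))))
```

Keying parents by (PID, creation time) rather than by PID alone is the part that matters on a multi-day log: without it, calc.exe above would be attached under WINWORD.EXE instead of the notepad.exe that actually reused PID 0x2b0.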
Yara Python (368 stars): The Python interface for YARA.
Awesome Sre (7,687 stars): A curated list of Site Reliability and Production Engineering resources.
Urlextractor (341 stars): Information gathering and website reconnaissance | https://phishstats.info/
Binjadock (34 stars): An extendable, tabbed, dockable UI widget plugin for Binary Ninja (https://binary.ninja).
Cyberchef Recipes (619 stars): A list of CyberChef recipes and curated links.
Scripting (47 stars): PS / Bash / Python / other scripts, for fun!
Opcde (538 stars): OPCDE Cybersecurity Conference materials.
Howtheysre (6,962 stars): A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE).
Binaryalert (1,125 stars): BinaryAlert: serverless, real-time and retroactive malware detection.
Fcl (409 stars): FCL (Fileless Command Lines): known command lines of fileless malicious executions.
Cortex4py (22 stars): Python API client for Cortex.
Stoq (352 stars): An open source framework for enterprise-level automated analysis.
Analyst Casefile (41 stars): Maltego CaseFile entities for information security investigations, malware analysis and incident response.
Icewater (324 stars): 16,432 free YARA rules created by
Manalyze (701 stars): A static analyzer for PE executables.
Ir Rescue (311 stars): A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Beagle (976 stars): Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Cortex (676 stars): Cortex: a powerful observable analysis and active response engine.
Malware Ioc (955 stars): Indicators of Compromise (IOC) from our various investigations.
Osquery Configuration (618 stars): A repository for using osquery for incident detection and response.
Balbuzard (70 stars): Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc.). It can also crack malware obfuscation such as XOR, ROL, etc. by brute-forcing and checking for those patterns.
Cyphon (543 stars): Open source incident management and response platform.
Iocs (15 stars): IoCs, PCREs, YARA rules, etc.
Pecli (46 stars): CLI tool to analyze PE files.
Yara (5,209 stars): The pattern matching swiss knife.
Didierstevenssuite (856 stars): Please no pull requests for this repository. Thanks!
Peframe (472 stars): PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
Ioc Explorer (73 stars): Explore Indicators of Compromise automatically.
Holmes Totem (25 stars): Investigation planner for fast-running analysis with predictable execution time, for example static analysis.
Strelka (387 stars): Real-time, container-based file scanning at enterprise scale.
Ios Triage (42 stars): Incident response tool for iOS devices.
Patrowlmanager (363 stars): PatrOwl: open source, smart and scalable security operations orchestration platform.
Yargen (795 stars): yarGen is a generator for YARA rules.
Thehivedocs (353 stars): Documentation of TheHive.
Watcher (324 stars): Watcher: open source cybersecurity threat hunting platform, developed with Django and React JS.
Ghidra scripts (732 stars): Scripts for the Ghidra software reverse engineering suite.
Hamburglar (321 stars): Hamburglar collects useful information from URLs, directories, and files.
Apkid (999 stars): Android Application Identifier for packers, protectors, obfuscators and oddities; PEiD for Android.
Masc (74 stars): A web malware scanner.
Ursadb (72 stars): Trigram database written in C++, suited for malware indexing.
Yarasigs (59 stars): Various YARA signatures (possibly to be included in a release later).