0xrawsec / geneLinks
Signature engine for all your logs
☆171Updated last year
Alternatives and similar repositories for gene
Users that are interested in gene are comparing it to the libraries listed below
Sorting:
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆214Updated 6 years ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆84Updated 3 months ago
- Golang Parser for Microsoft Event Logs☆105Updated 3 months ago
- simple YARA-based IOC scanner☆169Updated 2 weeks ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆107Updated 5 months ago
- ☆166Updated 4 years ago
- An Inofficial Sysmon Version History (Change Log)☆33Updated 4 years ago
- Research indicators and detection rules☆66Updated 2 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆88Updated 2 years ago
- YARA rule analyzer to improve rule quality and performance☆103Updated 6 months ago
- Random hunting ordiented yara rules☆97Updated 2 years ago
- A repository that maps API calls to Sysmon Event ID's.☆122Updated 2 years ago
- Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules☆50Updated 2 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆96Updated 2 months ago
- ☆41Updated 3 years ago
- Links to malware-related YARA rules☆15Updated 3 years ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆126Updated 3 years ago
- Sigma rules from Joe Security☆223Updated 11 months ago
- Anything Sysmon related from the MSTIC R&D team☆156Updated last year
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆140Updated 5 years ago
- Sigma Detection Rule Repository☆90Updated 5 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆226Updated 4 years ago
- Automatically create YARA rules from malicious documents.☆212Updated 3 years ago
- c2 traffic☆191Updated 2 years ago
- Event Trace Log file parser in pure Python☆148Updated 4 years ago
- A CALDERA plugin☆79Updated 2 weeks ago
- Proofpoint - Emerging Threats - Threat Research tools + publicly shared intel and documentation☆79Updated last month
- Tracking APT IOCs☆25Updated 4 years ago
- Blueteam operational triage registry hunting/forensic tool.☆150Updated last month
- Collection of YARA signatures from individual research☆46Updated last year