ANSSI-FR / AnoMark
Algorithme d'apprentissage statistique permettant de créer un modèle sur les lignes de commandes des évènements "Création de Processus", afin de détecter des anomalies dans les évènements futurs
☆80Updated 10 months ago
Alternatives and similar repositories for AnoMark:
Users that are interested in AnoMark are comparing it to the libraries listed below
- ☆86Updated 4 months ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆30Updated 2 years ago
- BlackBerry Threat Research & Intelligence☆96Updated last year
- Forensic Artifact Collection Tool Matrix☆79Updated 2 months ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆145Updated 3 months ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆97Updated 11 months ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆30Updated last month
- A collection of tips for using MISP.☆74Updated last month
- MISP Playbooks☆182Updated last month
- The core backend server handling API requests and task management☆33Updated 2 weeks ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆72Updated this week
- Rules shared by the community from 100 Days of YARA 2024☆83Updated 2 weeks ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆94Updated last year
- Guide journalisation Microsoft☆59Updated 6 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆179Updated this week
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆73Updated last year
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆159Updated last year
- LOKI2 - Simple IOC and YARA Scanner☆84Updated 5 months ago
- Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework.☆45Updated 2 years ago
- Powershell module for VMWare vSphere forensics☆146Updated 2 months ago
- LotL RMM☆113Updated 2 months ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆64Updated 11 months ago
- A home for detection content developed by the delivr.to team☆63Updated last month
- Harness the power of Splunk for your investigations☆83Updated last month
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆52Updated 2 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆82Updated 2 months ago
- An open source platform to support analysts to organise their case and tasks☆64Updated this week
- Web Application for domain name monitoring / alerting☆62Updated 5 months ago
- An opensource sigma conversion tool built using pysigma☆112Updated 3 weeks ago