ANSSI-FR / AnoMark
A statistical learning algorithm that builds a model of the command lines found in "Process Creation" events, in order to detect anomalies in future events.
☆ 79 · Updated 9 months ago
Related projects
Alternatives and complementary repositories for AnoMark
- The core backend server handling API requests and task management (☆ 31 · Updated 2 weeks ago)
- Forensic Artifact Collection Tool Matrix (☆ 75 · Updated 2 weeks ago)
- Automated YARA Rule Standardization and Quality Assurance Tool (☆ 166 · Updated last week)
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… (☆ 141 · Updated 2 months ago)
- BlackBerry Threat Research & Intelligence (☆ 93 · Updated last year)
- A collection of tips for using MISP. (☆ 74 · Updated 7 months ago)
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them (☆ 29 · Updated last week)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… (☆ 110 · Updated 7 months ago)
- MISP Playbooks (☆ 174 · Updated this week)
- A list of RMMs designed to be used in automation to build alerts (☆ 108 · Updated 3 weeks ago)
- Rules Shared by the Community from 100 Days of YARA 2023 (☆ 78 · Updated last year)
- The Threat Actor Profile Guide for CTI Analysts (☆ 98 · Updated last year)
- Project based on RegRipper, to extract additional value/pivot points from a TLN events file (☆ 76 · Updated last week)
- A home for detection content developed by the delivr.to team (☆ 59 · Updated last week)
- A specification and style guide for YARA rules (☆ 37 · Updated 9 months ago)
- An open source platform to support analysts to organise their case and tasks (☆ 55 · Updated this week)
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. (☆ 148 · Updated 6 months ago)
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction (☆ 68 · Updated last year)
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation (☆ 66 · Updated last week)
- Repository documenting how Threat Intelligence and/or a Threat Intelligence Platform can prove its value to an organisation. (☆ 52 · Updated last month)
- A repository to share publicly available Velociraptor detection content (☆ 119 · Updated this week)
- LotL RMM (☆ 101 · Updated last week)
- A pySigma wrapper to manage detection rules. (☆ 29 · Updated last week)
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. (☆ 94 · Updated last year)
- Python client for DFIR-IRIS (☆ 20 · Updated 3 months ago)
- LOKI2 - Simple IOC and YARA Scanner (☆ 80 · Updated 3 months ago)
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements (☆ 115 · Updated 11 months ago)
- An open source Sigma conversion tool built using pySigma (☆ 101 · Updated this week)