CERT-Polska / hfinger

Related projects ⓘ

Alternatives and complementary repositories for hfinger

• ninoseki / uzen
  Website crawler with YARA detection
  ☆88Updated last year
• PaloAltoNetworks / pyjarm
  pyJARM is a library for doing JARM fingerprinting using python
  ☆50Updated 3 years ago
• mnemonic-no / SNIcat
  SNIcat
  ☆125Updated 3 years ago
• hdm / jarm-go
  A Go implementation of JARM
  ☆119Updated 2 years ago
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆164Updated this week
• cedowens / C2-JARM
  A list of JARM hashes for different ssl implementations used by some C2/red team tools.
  ☆135Updated last year
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆98Updated 2 months ago
• lp-db / lp-db
  Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...).
  ☆38Updated last year
• michelcrypt4d4mus / yaralyzer
  Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.
  ☆107Updated 7 months ago
• target / halogen
  Automatically create YARA rules from malicious documents.
  ☆208Updated 2 years ago
• intezer / MoP
  MoP - "Master of Puppets" - Advanced malware tracking framework
  ☆82Updated 2 months ago
• avast / yari
  YARI is an interactive debugger for YARA Language.
  ☆88Updated last week
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆258Updated last year
• bonjourmalware / melody
  Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…
  ☆138Updated 3 years ago
• assafmo / xioc
  Extract indicators of compromise from text, including "escaped" ones.
  ☆161Updated 4 years ago
• InQuest / sandboxapi
  Minimal, consistent Python API for building integrations with malware sandboxes.
  ☆137Updated 9 months ago
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆58Updated 8 months ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆64Updated last week
• W3ndige / aurora
  Malware similarity platform with modularity in mind.
  ☆76Updated 3 years ago
• PUNCH-Cyber / YaraGuardian
  Django web interface for managing Yara rules
  ☆190Updated 6 years ago
• la3ar0v / TuxResponse
  Linux Incident Response
  ☆89Updated 5 years ago
• b3n-j4m1n / Red-Terroir
  Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure
  ☆93Updated 5 years ago
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆144Updated 8 months ago
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆96Updated 5 months ago
• Lifars / gargamel
  A forensic evidence acquirer
  ☆85Updated 3 years ago
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆98Updated 3 years ago
• 3CORESec / Trapdoor
  Serverless honeytoken 🕵🏻‍♂️
  ☆79Updated last year
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆77Updated 2 years ago
• evilsocket / ergo-pe-av
  🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.
  ☆175Updated 5 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆123Updated 2 months ago