CERT-Polska / hfinger
Hfinger - fingerprinting HTTP requests
☆135, updated last year
Alternatives and similar repositories for hfinger:
Users who are interested in hfinger are comparing it to the libraries listed below.
- pyJARM is a library for doing JARM fingerprinting using python (☆49, updated last week)
- simple YARA-based IOC scanner (☆169, updated last month)
- Extract indicators of compromise from text, including "escaped" ones. (☆159, updated 4 years ago)
- SNIcat (☆126, updated 3 years ago)
- Malware Sinkhole List in various formats (☆103, updated 2 years ago)
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) (☆100, updated 2 months ago)
- A Go implementation of JARM (☆117, updated 2 years ago)
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au… (☆69, updated 2 months ago)
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors. (☆118, updated 3 months ago)
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools. (☆261, updated 2 years ago)
- Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...). (☆39, updated 2 years ago)
- Django web interface for managing Yara rules (☆191, updated 6 years ago)
- A YARA Rule Performance Measurement Tool (☆58, updated last year)
- YARA rule metadata specification and validation utility (☆101, updated this week)
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure (☆94, updated 5 years ago)
- Automatically create YARA rules from malicious documents. (☆210, updated 2 years ago)
- Website crawler with YARA detection (☆88, updated last year)
- A list of JARM hashes for different ssl implementations used by some C2/red team tools. (☆139, updated last year)
- How to Zeek Sysmon Logs! (☆101, updated 3 years ago)
- 🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF. (☆178, updated 5 years ago)
- A web-based tool to assist the work of the intuitive threat analysts. (☆112, updated 6 years ago)
- Malicious actors often reuse code to deploy their malware, phishing website or CNC server. As a result, similarities can be found on URLs … (☆75, updated last year)
- MoP - "Master of Puppets" - Advanced malware tracking framework (☆80, updated 6 months ago)
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith) (☆100, updated 3 years ago)
- Active C2 IoCs (☆98, updated 2 years ago)
- (☆218, updated last year)
- Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line and actively monitor and intercept HTTP … (☆73, updated 3 years ago)
- Import specific data sources into the Sigma generic and open signature format. (☆77, updated 2 years ago)
- Passive DNS collection using Zeek (☆182, updated last year)
- Personal compilation of APT malware from whitepaper releases, documents and own research (☆260, updated 6 years ago)