CERT-Polska / hfinger

Related projects: ⓘ

• mnemonic-no / SNIcat
  SNIcat
  ☆124Updated 3 years ago
• PaloAltoNetworks / pyjarm
  pyJARM is a library for doing JARM fingerprinting using python
  ☆50Updated 3 years ago
• ninoseki / uzen
  Website crawler with YARA detection
  ☆87Updated last year
• hdm / jarm-go
  A Go implementation of JARM
  ☆119Updated 2 years ago
• lp-db / lp-db
  Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...).
  ☆37Updated last year
• target / halogen
  Automatically create YARA rules from malicious documents.
  ☆207Updated 2 years ago
• assafmo / xioc
  Extract indicators of compromise from text, including "escaped" ones.
  ☆161Updated 4 years ago
• intezer / MoP
  MoP - "Master of Puppets" - Advanced malware tracking framework
  ☆82Updated 2 weeks ago
• netspooky / inhale
  A malware analysis and classification tool.
  ☆193Updated 2 years ago
• cedowens / C2-JARM
  A list of JARM hashes for different ssl implementations used by some C2/red team tools.
  ☆136Updated last year
• michelcrypt4d4mus / yaralyzer
  Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.
  ☆99Updated 5 months ago
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆162Updated 3 weeks ago
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆94Updated 3 months ago
• InQuest / sandboxapi
  Minimal, consistent Python API for building integrations with malware sandboxes.
  ☆134Updated 7 months ago
• b3n-j4m1n / Red-Terroir
  Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure
  ☆93Updated 5 years ago
• bonjourmalware / melody
  Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…
  ☆138Updated 3 years ago
• brakmic / Sinkholes
  Malware Sinkhole List in various formats
  ☆102Updated 2 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆205Updated last year
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆58Updated 6 months ago
• Lifars / gargamel
  A forensic evidence acquirer
  ☆85Updated 3 years ago
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆93Updated 2 weeks ago
• Neo23x0 / xorex
  XOR Key Extractor
  ☆48Updated last month
• W3ndige / aurora
  Malware similarity platform with modularity in mind.
  ☆75Updated 3 years ago
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆142Updated 6 months ago
• sapphirex00 / Threat-Hunting
  Personal compilation of APT malware from whitepaper releases, documents and own research
  ☆253Updated 5 years ago
• preludeorg / pneuma
  ☆94Updated this week
• stacscan / stacs
  Static Token And Credential Scanner
  ☆94Updated last year
• nccgroup / pybeacon
  A collection of scripts for dealing with Cobalt Strike beacons in Python
  ☆167Updated 3 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆60Updated 4 months ago
• PUNCH-Cyber / YaraGuardian
  Django web interface for managing Yara rules
  ☆189Updated 6 years ago