Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
☆75Jan 18, 2022Updated 4 years ago
Alternatives and similar repositories for factual-rules-generator
Users that are interested in factual-rules-generator are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A Python script that gathers all valid IP addresses from all text files from a directory, and checks them against Whois database, TOR rel…☆29Jun 27, 2022Updated 3 years ago
- Klara docker compose☆11May 19, 2020Updated 5 years ago
- Liberating dem proprietary APT implants☆20Dec 17, 2019Updated 6 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- ☆27Mar 2, 2022Updated 4 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆36Feb 2, 2022Updated 4 years ago
- Malware similarity platform with modularity in mind.☆80Jul 18, 2021Updated 4 years ago
- Automatically create YARA rules from malicious documents.☆211May 16, 2022Updated 3 years ago
- CIRCL system forensic tools or a jumble of tools to support forensic☆41Jan 20, 2023Updated 3 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP☆35Sep 18, 2023Updated 2 years ago
- A python script developed to process Windows memory images based on triage type.☆266Nov 25, 2023Updated 2 years ago
- Powershell module for VMWare vSphere forensics☆170Nov 8, 2024Updated last year
- Import AbuseCH IOC Feeds into MISP☆12Feb 17, 2021Updated 5 years ago
- Golang implementation of PyMISP-feedgenerator☆18Jul 31, 2022Updated 3 years ago
- YARI is an interactive debugger for YARA Language.☆90Sep 10, 2025Updated 6 months ago
- Small web frontend for using openAI's GPT-3.5 and GPT-4's API☆59Apr 9, 2025Updated 11 months ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆133Jan 31, 2022Updated 4 years ago
- Tool for automatic list generation of known TOR and VPN exit nodes☆29Dec 21, 2023Updated 2 years ago
- Proof-of-concept automated baremetal malware analysis framework.☆14Sep 24, 2015Updated 10 years ago
- Carbon Black Response IR tool☆55Dec 10, 2020Updated 5 years ago
- Modular command-line threat hunting tool & framework.☆17Jul 20, 2020Updated 5 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Feb 6, 2024Updated 2 years ago
- ☆34Aug 8, 2023Updated 2 years ago
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆139Feb 14, 2025Updated last year
- Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results☆278Mar 14, 2026Updated last week
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆791Mar 14, 2026Updated last week
- Imphash-like calculation on Golang binaries☆49Jul 2, 2022Updated 3 years ago
- Linux Evidence Acquisition Framework☆119Sep 30, 2024Updated last year
- Website for ail-typo-squatting library☆72Feb 25, 2026Updated 3 weeks ago
- ☆89Feb 11, 2022Updated 4 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆23Jan 31, 2024Updated 2 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 4 months ago
- Malware vulnerability research. Coming soon..☆12Apr 20, 2020Updated 5 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆141Nov 19, 2023Updated 2 years ago
- Threat Box Assessment Tool☆19Mar 5, 2026Updated 2 weeks ago
- A wireshark plugin to instrument ETW☆580Jan 28, 2022Updated 4 years ago
- Various Topics☆18Apr 30, 2025Updated 10 months ago
- Windows.EDB Browser☆60Mar 6, 2023Updated 3 years ago