Files vetted, and approved for public release
☆55Nov 30, 2023Updated 2 years ago
Alternatives and similar repositories for PUBLIC_RELEASE
Users that are interested in PUBLIC_RELEASE are comparing it to the libraries listed below
Sorting:
- Passive DNS server interface compliant to "Common Output Format"☆10Sep 19, 2016Updated 9 years ago
- Expert Investigation Guides☆51Mar 18, 2021Updated 5 years ago
- Site for IWS book content☆17Oct 28, 2018Updated 7 years ago
- ☆22Dec 22, 2020Updated 5 years ago
- ☆19Jul 21, 2022Updated 3 years ago
- Repository for scripts and tips for "Yara Scan Service"☆20Feb 19, 2023Updated 3 years ago
- Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre…☆15Jun 5, 2023Updated 2 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Mar 15, 2022Updated 4 years ago
- A modified version of searx (the privacy-respecting metasearch engine) to only search an allowlist of sites, to build functionality simil…☆19Sep 17, 2021Updated 4 years ago
- Coding examples for the OpenDNS Investigate API☆24Nov 2, 2019Updated 6 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- Liberating dem proprietary APT implants☆20Dec 17, 2019Updated 6 years ago
- Miscellaneous Malware RE☆193May 1, 2022Updated 3 years ago
- A book about how to conduct digital forensic investigations with free and open source tools.☆12Apr 30, 2014Updated 11 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team.☆12Mar 27, 2019Updated 6 years ago
- Implementation of a Whois Server with a redis backend☆15Oct 31, 2010Updated 15 years ago
- ☆29Feb 25, 2017Updated 9 years ago
- Uses viewdns.info to perform a reverse NS lookup on a specified nameserver and attempts zone transfers on discovered domains☆19May 2, 2019Updated 6 years ago
- CDPO is a tool to validate, de-duplicate, combine, query, and encrypt track data recovered from a breach.☆15Jun 23, 2017Updated 8 years ago
- Practice CTI Quiz☆13Mar 20, 2024Updated 2 years ago
- Scripts to process big chunks of data from MISP and do in depth correlations on samples.☆12Jul 2, 2016Updated 9 years ago
- ☆21Jan 20, 2026Updated 2 months ago
- Feed Generator for MISP☆19Nov 2, 2022Updated 3 years ago
- ☆44Jul 11, 2025Updated 8 months ago
- Auxiliary scripts for Incident Response with ELK☆11Oct 7, 2015Updated 10 years ago
- Python script that gets IOC from MISP and converts it into BRO intel files.☆13Apr 17, 2016Updated 9 years ago
- A collection of intelligence about Log4Shell and its exploitation activity.☆184Mar 4, 2022Updated 4 years ago
- ☆14Feb 8, 2020Updated 6 years ago
- Home for TRANSITS materials☆25Jul 24, 2024Updated last year
- Repository for LNK stuff☆31Aug 31, 2022Updated 3 years ago
- ☆17Jun 9, 2021Updated 4 years ago
- Modules for expansion services, enrichment, import and export in MISP and other tools.☆362Mar 9, 2026Updated last week
- UglyEXe - bypass some AVs☆17Feb 28, 2020Updated 6 years ago
- A framework that correlates Bro events☆18Oct 25, 2013Updated 12 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Jun 11, 2020Updated 5 years ago
- ssdeep based clustering tool☆14Jan 17, 2016Updated 10 years ago
- 🕵️♀️ POSIX compliant spies and stubs for shell unit testing☆13Jan 28, 2026Updated last month
- Example programs used in the automating DFIR series☆63Mar 4, 2019Updated 7 years ago