CybercentreCanada / assemblylineLinks
AssemblyLine 4: File triage and malware analysis
☆352Updated last week
Alternatives and similar repositories for assemblyline
Users that are interested in assemblyline are comparing it to the libraries listed below
Sorting:
- Malware repository component for samples & static configuration with REST API interface.☆365Updated last week
- Automated YARA Rule Standardization and Quality Assurance Tool☆238Updated last week
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆481Updated this week
- DFIQ is a collection of investigative questions and the approaches for answering them☆291Updated 7 months ago
- Signatures and IoCs from public Volexity blog posts.☆354Updated 3 months ago
- AssemblyLine4 documentation☆29Updated last week
- Distributed malware processing framework based on Python, Redis and S3.☆436Updated this week
- Sigma rule specification☆146Updated 2 weeks ago
- Collection of private Yara rules.☆369Updated last month
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆604Updated 5 months ago
- The Volatility Collaborative GUI☆251Updated this week
- Rules generated from our investigations.☆197Updated 2 months ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆291Updated 3 months ago
- MBC content in markdown☆472Updated 2 months ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆165Updated last year
- Forensics artefact collection tool for systems running Microsoft Windows☆421Updated 5 months ago
- Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts…☆1,035Updated last month
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆377Updated 7 months ago
- ☆141Updated last month
- The Sigma command line interface based on pySigma☆158Updated 2 weeks ago
- ReversingLabs YARA Rules☆843Updated this week
- A python script developed to process Windows memory images based on triage type.☆265Updated last year
- GHOSTS is a realistic user simulation framework for cyber experimentation, simulation, training, and exercise☆599Updated 2 weeks ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆172Updated 9 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆271Updated this week
- Malduck is your ducky companion in malware analysis journeys☆339Updated 2 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆741Updated 4 months ago
- ☆513Updated 10 months ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆156Updated 6 months ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆194Updated this week