CybercentreCanada / assemblyline
AssemblyLine 4: File triage and malware analysis
☆274Updated this week
Alternatives and similar repositories for assemblyline:
Users that are interested in assemblyline are comparing it to the libraries listed below
- Malware repository component for samples & static configuration with REST API interface.☆339Updated last week
- AssemblyLine4 documentation☆28Updated this week
- Automated YARA Rule Standardization and Quality Assurance Tool☆190Updated last week
- Sigma rule specification☆125Updated last month
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆427Updated 2 weeks ago
- DFIQ is a collection of investigative questions and the approaches for answering them☆269Updated 3 weeks ago
- Rules generated from our investigations.☆193Updated 3 months ago
- The Sigma command line interface based on pySigma☆144Updated 3 weeks ago
- A python script developed to process Windows memory images based on triage type.☆260Updated last year
- Signatures and IoCs from public Volexity blog posts.☆348Updated this week
- Distributed malware processing framework based on Python, Redis and S3.☆401Updated 3 weeks ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆277Updated 2 weeks ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆160Updated last year
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆152Updated 2 months ago
- Sigma rules from Joe Security☆206Updated 3 months ago
- A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…☆234Updated this week
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆343Updated last month
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆337Updated this week
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆222Updated last year
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆99Updated this week
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆574Updated 3 months ago
- Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)☆68Updated this week
- Docker image for Velocidex Velociraptor☆118Updated 7 months ago
- A framework for orchestrating forensic collection, processing and data export☆305Updated this week
- ☆198Updated last year
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆698Updated last week
- Malduck is your ducky companion in malware analysis journeys☆324Updated 7 months ago
- An opensource sigma conversion tool built using pysigma☆115Updated last month
- A repository of my own Sigma detection rules.☆157Updated 5 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆180Updated last week