CybercentreCanada / assemblyline
AssemblyLine 4: File triage and malware analysis
☆232Updated this week
Related projects: ⓘ
- Malware repository component for samples & static configuration with REST API interface.☆317Updated this week
- AssemblyLine4 documentation☆28Updated this week
- Rules generated from our investigations.☆186Updated last month
- Signatures and IoCs from public Volexity blog posts.☆307Updated last month
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆382Updated this week
- The Sigma command line interface based on pySigma☆130Updated last month
- Collection of private Yara rules.☆317Updated last month
- Sigma rule specification☆105Updated 3 weeks ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆154Updated this week
- Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques☆300Updated 3 months ago
- Distributed malware processing framework based on Python, Redis and S3.☆381Updated last week
- A python script developed to process Windows memory images based on triage type.☆259Updated 9 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆139Updated 2 months ago
- DFIQ is a collection of investigative questions and the approaches for answering them☆251Updated 3 weeks ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆544Updated 11 months ago
- 🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆264Updated 10 months ago
- MBC content in markdown☆359Updated this week
- Repository of YARA rules made by Trellix ATR Team☆560Updated 8 months ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆154Updated 10 months ago
- Sublime rules for email attack detection, prevention, and threat hunting.☆235Updated this week
- Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)☆64Updated this week
- A framework for orchestrating forensic collection, processing and data export☆290Updated this week
- Indicators of Compromise☆162Updated last week
- Malduck is your ducky companion in malware analysis journeys☆313Updated 3 months ago
- Sigma rules from Joe Security☆199Updated last month
- The Volatility Collaborative GUI☆217Updated last week
- ☆185Updated last year
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆120Updated 6 months ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆238Updated last year
- Collection of Jupyter Notebooks by @fr0gger_☆139Updated 2 weeks ago