CybercentreCanada / assemblyline
AssemblyLine 4: File triage and malware analysis
☆290Updated this week
Alternatives and similar repositories for assemblyline:
Users that are interested in assemblyline are comparing it to the libraries listed below
- AssemblyLine4 documentation☆29Updated this week
- Malware repository component for samples & static configuration with REST API interface.☆342Updated 2 weeks ago
- DFIQ is a collection of investigative questions and the approaches for answering them☆273Updated 2 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆199Updated this week
- A python script developed to process Windows memory images based on triage type.☆260Updated last year
- Signatures and IoCs from public Volexity blog posts.☆350Updated last month
- Collection of private Yara rules.☆344Updated last week
- Malduck is your ducky companion in malware analysis journeys☆326Updated 9 months ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆163Updated last year
- Rules generated from our investigations.☆192Updated this week
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆435Updated this week
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆215Updated this week
- Sublime rules for email attack detection, prevention, and threat hunting.☆281Updated this week
- Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)☆69Updated this week
- The Sigma command line interface based on pySigma☆147Updated 3 weeks ago
- The Volatility Collaborative GUI☆240Updated this week
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆154Updated 3 months ago
- A framework for orchestrating forensic collection, processing and data export☆307Updated this week
- Sigma rule specification☆128Updated 2 weeks ago
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.☆97Updated last week
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆582Updated last week
- Sigma rules from Joe Security☆207Updated 4 months ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆207Updated 3 weeks ago
- MBC content in markdown☆419Updated 2 months ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆132Updated last year
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆244Updated 2 years ago
- MISP trainings, threat intel and information sharing training materials with source code☆403Updated last month
- Distributed malware processing framework based on Python, Redis and S3.☆403Updated last month
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆155Updated 2 years ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆351Updated 2 months ago