CybercentreCanada / assemblylineLinks
AssemblyLine 4: File triage and malware analysis
☆334Updated this week
Alternatives and similar repositories for assemblyline
Users that are interested in assemblyline are comparing it to the libraries listed below
Sorting:
- Malware repository component for samples & static configuration with REST API interface.☆361Updated this week
- Automated YARA Rule Standardization and Quality Assurance Tool☆227Updated last week
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆468Updated this week
- AssemblyLine4 documentation☆29Updated this week
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆249Updated 2 years ago
- Distributed malware processing framework based on Python, Redis and S3.☆431Updated this week
- Rules generated from our investigations.☆196Updated last week
- Signatures and IoCs from public Volexity blog posts.☆355Updated last month
- ReversingLabs YARA Rules☆825Updated 2 weeks ago
- DFIQ is a collection of investigative questions and the approaches for answering them☆283Updated 5 months ago
- ☆132Updated this week
- Sigma rule specification☆137Updated 2 weeks ago
- A guide on how to write fast and memory friendly YARA rules☆144Updated 4 months ago
- Collection of private Yara rules.☆358Updated 2 months ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆376Updated 3 years ago
- Repository of YARA rules made by Trellix ATR Team☆600Updated 3 months ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆370Updated 5 months ago
- A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…☆319Updated last week
- Awesome list of keywords and artifacts for Threat Hunting sessions☆583Updated 2 months ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆165Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆258Updated 3 months ago
- Malduck is your ducky companion in malware analysis journeys☆337Updated this week
- MBC content in markdown☆457Updated 2 weeks ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆163Updated 7 months ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆578Updated 5 months ago
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆599Updated 3 months ago
- MISP trainings, threat intel and information sharing training materials with source code☆410Updated last month
- The Sigma command line interface based on pySigma☆158Updated 2 months ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆288Updated last month