CybercentreCanada / assemblylineLinks
AssemblyLine 4: File triage and malware analysis
☆318Updated this week
Alternatives and similar repositories for assemblyline
Users that are interested in assemblyline are comparing it to the libraries listed below
Sorting:
- AssemblyLine4 documentation☆29Updated 2 weeks ago
- Malware repository component for samples & static configuration with REST API interface.☆355Updated last month
- Automated YARA Rule Standardization and Quality Assurance Tool☆223Updated this week
- DFIQ is a collection of investigative questions and the approaches for answering them☆280Updated 4 months ago
- Distributed malware processing framework based on Python, Redis and S3.☆426Updated 3 weeks ago
- Rules generated from our investigations.☆195Updated this week
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆255Updated last month
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆597Updated 2 months ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆165Updated last year
- ☆131Updated last week
- Malduck is your ducky companion in malware analysis journeys☆335Updated last month
- Collection of private Yara rules.☆354Updated last month
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆254Updated 2 months ago
- Collection of Jupyter Notebooks by @fr0gger_☆165Updated this week
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆460Updated last week
- The Volatility Collaborative GUI☆243Updated last week
- Sigma rule specification☆135Updated 3 months ago
- Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)☆69Updated last week
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆163Updated 6 months ago
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- ☆201Updated last year
- Signatures and IoCs from public Volexity blog posts.☆354Updated 2 weeks ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆104Updated 3 weeks ago
- The Sigma command line interface based on pySigma☆155Updated last month
- Sublime rules for email attack detection, prevention, and threat hunting.☆310Updated this week
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆109Updated last year
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆288Updated last month
- This content is analysis and research of the data sources currently listed in ATT&CK.☆409Updated last year
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.☆103Updated 2 weeks ago
- ☆141Updated 3 months ago