DeKrych / Dshell-pluginsLinks
This plugins repository is an unofficial library of decoders for Dshell, the U.S. Army Research Lab's network forensic analysis framework <https://github.com/USArmyResearchLab/Dshell>
☆27Updated 9 years ago
Alternatives and similar repositories for Dshell-plugins
Users that are interested in Dshell-plugins are comparing it to the libraries listed below
Sorting:
- The ContactDB project was initiated to cover the need for a tool to maintain contacts for CSIRT teams☆37Updated 3 years ago
- Plugins for the Viper Framework☆14Updated 6 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Updated 5 years ago
- Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.☆97Updated 10 years ago
- Workbench: A scalable python framework for security research and development teams.☆92Updated 5 years ago
- Standalone CIRCLean/KittenGroomer code to sanitize emails.☆11Updated 7 years ago
- Discover potential timestamps within the Windows Registry☆19Updated 11 years ago
- Vagrant configuration to setup a Thug honeyclient VM☆20Updated 10 years ago
- CIRCL system forensic tools or a jumble of tools to support forensic☆42Updated 2 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- ☆16Updated 10 years ago
- Lite version of PDF X-RAY that uses no backend☆36Updated 13 years ago
- Traceroute improved wrapper for CSIRT and CERT operators☆38Updated 11 months ago
- Command-line Interface for Binar.ly☆38Updated 8 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Updated 8 years ago
- Command Line STDOUT Colorer☆30Updated 4 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- Cli interface to threatcrowd.org☆19Updated 8 years ago
- Network sinkhole for isolated malware analysis☆40Updated 7 years ago
- A Rekall interactive document for a Memory Analysis workshop/course.☆43Updated 8 years ago
- VPS infrastructure found in HT dumps☆26Updated 10 years ago
- ☆50Updated 9 years ago
- Python libary to normalize Yara signatures☆19Updated 4 years ago
- Home to the ActorTrackr source code☆24Updated 8 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆42Updated 5 years ago
- Frontend for Codex Gigas☆21Updated 8 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆88Updated 6 years ago
- REST API based malware repository (abandoned)☆107Updated 10 years ago
- ☆19Updated 7 years ago
- Maltego Transform to put entities into MISP events☆28Updated 4 years ago