EfstratiosLontzetidis / pythia
Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syntax of popular search engines.
☆26Updated last month
Related projects: ⓘ
- The Threat Actor Profile Guide for CTI Analysts☆89Updated last year
- CarbonBlack EDR detection rules and response actions☆70Updated last week
- Harness the power of Splunk for your investigations☆66Updated last month
- Active C&C Detector☆148Updated 11 months ago
- C2 Active Scanner☆45Updated 3 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆94Updated last year
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆108Updated 5 months ago
- Cyber Underground General Intelligence Requirements☆85Updated 7 months ago
- Rules shared by the community from 100 Days of YARA 2024☆75Updated 5 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 4 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆147Updated 3 months ago
- Config files for my GitHub profile.☆15Updated last year
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆65Updated last month
- ☆46Updated last week
- ☆23Updated this week
- Linux Baseline and Forensic Triage Tool - BETA☆51Updated 2 years ago
- A repository to share publicly available Velociraptor detection content☆115Updated this week
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆113Updated 9 months ago
- JPCERT/CC public YARA rules repository☆98Updated 2 months ago
- ☆22Updated last year
- Sigma rules to share with the community☆113Updated last month
- Detection Engineering with YARA☆84Updated 8 months ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆67Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆74Updated 3 weeks ago
- IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.☆57Updated 8 months ago
- A specification and style guide for YARA rules☆34Updated 7 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆49Updated 3 months ago
- IOC Collection 2022☆55Updated last year
- Rules Shared by the Community from 100 Days of YARA 2023☆76Updated last year
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆149Updated 2 weeks ago