HolmesProcessing / Holmes-Totem
Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.
☆29Updated 5 years ago
Alternatives and similar repositories for Holmes-Totem:
Users that are interested in Holmes-Totem are comparing it to the libraries listed below
- Investigation Planner for long running analysis with unpredictable execution time. For example, dynamic analysis.☆15Updated 8 years ago
- The Storage Planner manages access to all data within the Holmes Processing system. It orchestrates the interaction across multiple Datab…☆16Updated 6 years ago
- Main program for receiving tasking and objects. It validates input, checks authentication, and pushes the requests to the pipeline.☆13Updated 7 years ago
- website☆9Updated 4 years ago
- AMICO - Accurate Behavior-Based Detection of Malware Downloads☆31Updated 7 years ago
- Bit9 + Carbon Black Threat Intelligence☆82Updated 9 years ago
- CuckooML: Machine Learning for Cuckoo Sandbox☆146Updated 2 years ago
- A dumb set of scripts for building a cuckoo rig☆61Updated 8 years ago
- A project to label the VirusShare malware corpus using VirusTotal's public API.☆30Updated 2 years ago
- Modified edition of cuckoo community modules☆50Updated 7 years ago
- Malware Classifier From Network Captures☆82Updated 8 years ago
- Generate STIX XML from OpenIOC XML☆92Updated 6 years ago
- Scalable Binary Data Extraction in Hadoop☆143Updated 10 years ago
- Proof-of-concept automated baremetal malware analysis framework.☆14Updated 9 years ago
- A Yara rule generator for finding related samples and hunting☆158Updated 2 years ago
- Scripts for dealing with various ek's☆69Updated 8 years ago
- An OS X analyzer for Cuckoo Sandbox project☆57Updated 9 years ago
- threat language parser☆60Updated 10 years ago
- This python scripts can calculate the WHOIS Similarity Distance between two given domains.☆29Updated 2 years ago
- Automated IOC-Generation scripts and tools☆24Updated 8 years ago
- openioc_scan Volatility Framework plugin☆43Updated 9 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Updated 5 years ago
- Various Yara signatures (possibly to be included in a release later).☆85Updated 5 years ago
- Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.☆97Updated 10 years ago
- Cuckoo Agent.☆23Updated 6 years ago
- BASS - BASS Automated Signature Synthesizer☆175Updated 6 years ago
- My Yara Rules Collection☆52Updated 9 years ago
- a collection of public yara rules☆26Updated 5 years ago
- Useful scripts, rules etc. for use with YARA☆27Updated 4 years ago
- Implementation of the DIMVA 2017 publication "Quincy: Detecting Host-Based Code Injection Attacks in Memory Dumps"☆69Updated 3 years ago