ITAYC0HEN / APT-Ecosystem

Related projects: ⓘ

• sapphirex00 / Threat-Hunting
  Personal compilation of APT malware from whitepaper releases, documents and own research
  ☆253Updated 5 years ago
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆218Updated 4 years ago
• d00rt / emotet_research
  ☆134Updated 5 years ago
• AlienVault-OTX / yabin
  A Yara rule generator for finding related samples and hunting
  ☆155Updated 2 years ago
• fdiskyou / threat-INTel
  ☆237Updated this week
• WithSecureLabs / snake
  snake - a malware storage zoo
  ☆217Updated last year
• arieljt / VTCodeSimilarity-YaraGen
  ☆95Updated 3 years ago
• k-vitali / Malware-Misc-RE
  Miscellaneous Malware RE
  ☆195Updated 2 years ago
• denisugarte / PowerDrive
  A tool for de-obfuscating PowerShell scripts
  ☆65Updated 5 years ago
• brakmic / Sinkholes
  Malware Sinkhole List in various formats
  ☆102Updated 2 years ago
• advanced-threat-research / IOCs
  Repository containing IOCs, CSV and MISP JSON from our blogs
  ☆78Updated 3 years ago
• sysopfb / malware_decoders
  Static based decoders for malware samples
  ☆93Updated 4 years ago
• ashemery / CuckooVM
  Cuckoo running in a nested hypervisor
  ☆128Updated 4 years ago
• jymcheong / AutoTTP
  Automated Tactics Techniques & Procedures
  ☆251Updated last year
• PUNCH-Cyber / YaraGuardian
  Django web interface for managing Yara rules
  ☆189Updated 6 years ago
• telsy-cyberops / research
  Telsy CTI Research Team
  ☆57Updated 3 years ago
• tehsyntx / loffice
  Lazy Office Analyzer
  ☆118Updated 7 years ago
• realparisi / WMI_Monitor
  Log newly created WMI consumers and processes to the Windows Application event log
  ☆123Updated 6 years ago
• OTRF / API-To-Event
  A repo to document API functions mapped to security events across diverse platforms
  ☆74Updated 4 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆205Updated last year
• fxb-cocacoding / yara-signator
  Automatic YARA rule generation for Malpedia
  ☆152Updated 2 years ago
• phage-nz / infosec-bazaar
  A collection of infosec related scripts and information.
  ☆53Updated last week
• kirk-sayre-work / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆90Updated this week
• certtools / malware_name_mapping
  A mapping of used malware names to commonly known family names
  ☆61Updated last year
• marcosd4h / sysmonx
  SysmonX - An Augmented Drop-In Replacement of Sysmon
  ☆206Updated 5 years ago
• dgunter / evtxtoelk
  A lightweight tool to load Windows Event Log evtx files into Elasticsearch.
  ☆114Updated 3 years ago
• intezer / yara-rules
  ☆121Updated 2 years ago
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆128Updated last year
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆94Updated 3 months ago
• MinervaLabsResearch / Mystique
  Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…
  ☆80Updated 6 years ago