InQuest / python-inquestlabs
A Pythonic interface and command line tool for interacting with the InQuest Labs API.
☆35Updated last year
Alternatives and similar repositories for python-inquestlabs:
Users that are interested in python-inquestlabs are comparing it to the libraries listed below
- Active C2 IoCs☆98Updated 2 years ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- Carbon Black Response IR tool☆53Updated 4 years ago
- Linux Incident Response☆90Updated 5 years ago
- ☆41Updated 11 months ago
- Simulating Adversary Operations☆93Updated 6 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Automatic detection engineering technical state compliance☆55Updated 8 months ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago
- A visualized overview of the Initial Access Broker (IAB) cybercrime landscape☆113Updated 3 years ago
- ☆10Updated 5 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Updated 5 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated last year
- Random hunting ordiented yara rules☆95Updated 2 years ago
- Collection of YARA signatures from individual research☆44Updated last year
- Library of threat hunts to get any user started!☆42Updated 4 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated last year
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Updated 3 months ago
- ☆78Updated 4 years ago
- Website crawler with YARA detection☆88Updated last year
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- THOR MITRE ATT&CK Framework Coverage☆24Updated 4 years ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆85Updated 9 months ago
- Yara Based Detection Engine for web browsers☆47Updated 3 years ago
- Links to malware-related YARA rules☆15Updated 2 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆65Updated 2 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆38Updated last year
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆59Updated 2 years ago