Insane-Forensics / drovorub-huntLinks
A tool to assist with network-based hunting for GRU's Drovorub malware c2
☆25Updated 5 years ago
Alternatives and similar repositories for drovorub-hunt
Users that are interested in drovorub-hunt are comparing it to the libraries listed below
Sorting:
- A list of IOCs applicable to PoshC2☆24Updated 5 years ago
- C# User Simulation☆32Updated 2 years ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- A cover story generator for people who Need Quick Covers On Operations☆13Updated 5 years ago
- Collection of YARA signatures from individual research☆44Updated last year
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- Public repository for Red Canary Research☆37Updated 4 years ago
- ☆45Updated 2 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated last year
- isodump - ISO dump utility☆41Updated 6 years ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.☆38Updated 3 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Updated 5 years ago
- ☆22Updated 4 years ago
- Cybersecurity Incidents Mind Maps☆33Updated 3 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- Repository for scripts and tips for "Yara Scan Service"☆20Updated 2 years ago
- Manticore Adversary Emulation Cli☆48Updated 5 years ago
- OSSEM Modular☆27Updated 5 years ago
- Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.☆61Updated 3 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 3 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆42Updated 4 years ago
- Carbon Black Response IR tool☆54Updated 4 years ago
- SuperPeHasher is a wrapper for several hash algorithms dedicated to PE file.☆28Updated 3 years ago
- ☆19Updated 5 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- Indicator of Compromise Scanner for CVE-2019-19781☆94Updated 5 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year
- Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way☆18Updated 3 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago