Insane-Forensics / drovorub-hunt
A tool to assist with network-based hunting for GRU's Drovorub malware c2
☆25Updated 4 years ago
Alternatives and similar repositories for drovorub-hunt:
Users that are interested in drovorub-hunt are comparing it to the libraries listed below
- A cover story generator for people who Need Quick Covers On Operations☆13Updated 4 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 3 months ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- C# User Simulation☆32Updated 2 years ago
- Site for IWS book content☆18Updated 6 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34Updated 3 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 2 years ago
- A set of YARA rules for the AIL framework to detect leak or information disclosure☆38Updated 2 months ago
- Collection of YARA signatures from individual research☆44Updated last year
- Steezy - Ghetto Yara Generation☆15Updated 2 years ago
- ☆22Updated 4 years ago
- ☆15Updated 3 years ago
- ☆27Updated 3 years ago
- DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781☆45Updated 5 years ago
- Code and Slides of my BSides London 2019 presentation about Attacker Emulation using CALDERA☆22Updated 5 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Updated 4 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- Yara rules☆21Updated 2 years ago
- Generate YARA rules for OOXML documents.☆38Updated last year
- Tools and Binaries to use with KAPE☆12Updated 5 years ago
- A collection of my public YARA signatures for various malware families☆29Updated 7 months ago
- various slides and presentations I've worked on☆18Updated last month
- IcedID Decryption Tool☆28Updated 3 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year
- Repository for scripts and tips for "Yara Scan Service"☆20Updated 2 years ago
- ☆23Updated 4 years ago
- ☆23Updated last year
- Exfiltration based on custom X509 certificates☆26Updated last year
- Bunch of honey related items that spoof/decoy powersploit functions.☆18Updated 5 years ago