Insane-Forensics / drovorub-huntLinks
A tool to assist with network-based hunting for GRU's Drovorub malware c2
☆25Updated 5 years ago
Alternatives and similar repositories for drovorub-hunt
Users that are interested in drovorub-hunt are comparing it to the libraries listed below
Sorting:
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 3 years ago
- A cover story generator for people who Need Quick Covers On Operations☆13Updated 5 years ago
- A list of IOCs applicable to PoshC2☆24Updated 5 years ago
- ☆46Updated 2 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆42Updated 4 years ago
- C# User Simulation☆33Updated 2 years ago
- Site for IWS book content☆17Updated 6 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.☆38Updated 3 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated 2 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Updated 6 years ago
- DeployREMnux is a Python script that will deploy a cloud instance of the public REMnux distribution in the Amazon cloud (AWS).☆16Updated 5 years ago
- isodump - ISO dump utility☆41Updated 6 years ago
- ☆22Updated 4 years ago
- Malware similarity platform with modularity in mind.☆78Updated 4 years ago
- IcedID Decryption Tool☆28Updated 4 years ago
- Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.☆62Updated 3 years ago
- ☆30Updated 6 years ago
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 8 months ago
- OSSEM Modular☆27Updated 5 years ago
- Website crawler with YARA detection☆89Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Collection of YARA signatures from individual research☆44Updated last year
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 5 years ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- Repository of resources for configuring a Red Team SIEM using Elastic☆101Updated 7 years ago
- Exfiltration based on custom X509 certificates☆26Updated last year
- Merge all Yara rules from official Yara github repository in one .yar file☆30Updated 7 years ago