YARA, SIGMA, SNORT Rules based on Malware Analysis
☆17Apr 23, 2025Updated 10 months ago
Alternatives and similar repositories for Detection_Engineering_Signatures
Users that are interested in Detection_Engineering_Signatures are comparing it to the libraries listed below
Sorting:
- Malware detonation platform Polygon integration☆10Aug 1, 2023Updated 2 years ago
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆16Dec 19, 2018Updated 7 years ago
- Hunting Newly Registered Domains☆10Jan 6, 2019Updated 7 years ago
- THOR APT Scanner User Manual☆20Mar 9, 2026Updated last week
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨☆70Mar 15, 2026Updated last week
- A framework and taxonomy for identifying, classifying, and reasoning about detection logic bugs in SIEM, EDR, and XDR rules, with concret…☆45Mar 5, 2026Updated 2 weeks ago
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough☆11Feb 3, 2022Updated 4 years ago
- Comprehensive notes and resources to ace the eLearnSecurity Junior Penetration Testing certificate, helping you master the art of ethical…☆13Nov 27, 2023Updated 2 years ago
- Command generator for pentesting tools☆17Dec 2, 2024Updated last year
- Osquery Resources☆63Aug 23, 2019Updated 6 years ago
- Tools and Techniques for Blue Team / Incident Response☆23Mar 8, 2023Updated 3 years ago
- ☆12Nov 13, 2023Updated 2 years ago
- Quickly generate suricata rules for IOCs☆28Apr 30, 2021Updated 4 years ago
- Collection of scripts and tools related to the eCTHPv2 exam by INE.☆19Jun 12, 2022Updated 3 years ago
- KQL Detections for Microsoft Sentinel and Microsoft 365 Defender☆21Nov 15, 2024Updated last year
- Random scripts that I used in the CARTP course lab & final exam.☆14Feb 28, 2024Updated 2 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- Check reputation of IP/url/hash/file in bulk with mutiple OSINT☆19Dec 8, 2022Updated 3 years ago
- A series of Linux and Windows based Forensics labs. Tools used include: FTK, EnCase, Sleuthkit, Autopsy, Volatility, etc.☆14Sep 17, 2020Updated 5 years ago
- Two plugins to recover TMP keys from Saleae logic analyser traces☆15Jun 10, 2022Updated 3 years ago
- A series of python scripts to extract information from Dark Web Applications☆14Mar 26, 2025Updated 11 months ago
- Sigma rules to share with the community☆124Jan 29, 2025Updated last year
- a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly…☆14Aug 19, 2022Updated 3 years ago
- KQL Queries for Advanced Hunting / Log Analytics☆13Jan 29, 2026Updated last month
- Obsidian vault notes collection on Ethical Hacking Tools and Techniques, HackTheBox, and HTB Academy☆10Aug 15, 2023Updated 2 years ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆133Mar 28, 2022Updated 3 years ago
- A series of functions to parse Teamviewer logs to answer specific questions☆10Jul 17, 2022Updated 3 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Oct 12, 2018Updated 7 years ago
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration…☆17May 11, 2025Updated 10 months ago
- Interactive Shells like PsExec, but in Go☆16Apr 30, 2025Updated 10 months ago
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…☆179Updated this week
- Polyglot detector☆23Jun 5, 2025Updated 9 months ago
- ☆11Jun 12, 2023Updated 2 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- A series of PowerShell scripts to automate the assessment of Azure IaaS security☆21Feb 18, 2026Updated last month
- Ransomware dataset, containing dynamic behaviour of more than 60 distinct ransomware families.☆10Aug 29, 2022Updated 3 years ago
- This repository is a comprehensive collection of resources, documentation, apps, and add-ons related to Splunk, a powerful data analytics…☆24Feb 16, 2026Updated last month
- A dataset of phishing kits in the wild☆15Jun 1, 2024Updated last year