JSCU-NL / COATHANGER
IOCs and detection script for COATHANGER malware
☆ 54 · Updated last year
Alternatives and similar repositories for COATHANGER:
Users interested in COATHANGER are comparing it to the repositories listed below.
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them ☆ 33 · Updated last week
- 🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections. ☆ 73 · Updated 2 weeks ago
- MS Graph Commands and Tools for Blue Teamers ☆ 49 · Updated last year
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries. ☆ 34 · Updated 9 months ago
- A web application that allows the users to check whether their SPF, DMARC and DKIM configuration is set up correctly. ☆ 142 · Updated this week
- A simple tool designed to create Atomic Red Team tests with ease. ☆ 40 · Updated last month
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man's SOC. ☆ 51 · Updated 4 months ago
- This repository contains supplemental items including IOCs, and signatures discussed in Huntress blogposts, and other media. ☆ 37 · Updated 3 weeks ago
- information about ransomware groups (Ransomware Analysis Notes) ☆ 37 · Updated last year
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates… ☆ 63 · Updated last month
- Tools and scripts to deploy and manage OpenRelik instances ☆ 13 · Updated 2 months ago
- create a "simulated internet" cyber range environment ☆ 16 · Updated last week
- NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them. ☆ 45 · Updated 4 months ago
- The core backend server handling API requests and task management ☆ 39 · Updated 2 weeks ago
- Finding ClickFix and FakeCAPTCHA like it's 1999 ☆ 35 · Updated this week
- Baseline a Windows System against LOLBAS ☆ 26 · Updated last year
- Detection rule validation ☆ 41 · Updated last year
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam ☆ 27 · Updated 10 months ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations ☆ 87 · Updated 9 months ago
- VTC - Velociraptor Timeline Creator ☆ 18 · Updated 11 months ago
- Quick ESXi Log Parser ☆ 19 · Updated 4 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆ 51 · Updated 5 months ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs. ☆ 35 · Updated 2 weeks ago
- ServiceLens is a Python tool for analyzing services linked to Microsoft 365 domains. It scans DNS records like SPF and DMARC to identify … ☆ 77 · Updated 6 months ago
- Linux #rootkit and #malware revealer ☆ 24 · Updated 9 months ago
- DEFCON 31 slide deck and video link ☆ 60 · Updated 10 months ago
- DFIR ORC PARSER PROJECT ☆ 25 · Updated 2 months ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. ☆ 51 · Updated 6 months ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence… ☆ 60 · Updated last month