JSCU-NL / COATHANGERLinks
IOCs and detection script for COATHANGER malware
☆54Updated last year
Alternatives and similar repositories for COATHANGER
Users that are interested in COATHANGER are comparing it to the libraries listed below
Sorting:
- Detection rule validation☆41Updated last year
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated last month
- Tools and scripts to deploy and manage OpenRelik instances☆13Updated this week
- Baseline a Windows System against LOLBAS☆27Updated last year
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆34Updated 10 months ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…☆62Updated 2 weeks ago
- MS Graph Commands and Tools for Blue Teamers☆49Updated last year
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.☆74Updated last month
- NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them.☆47Updated 5 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates…☆64Updated 2 months ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.☆44Updated last month
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar…☆31Updated 2 months ago
- ☆74Updated 2 months ago
- ASR Configurator, Essentials and Atomic Testing☆42Updated last month
- create a "simulated internet" cyber range environment☆16Updated last week
- Bash Script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response.☆43Updated last year
- Quick ESXi Log Parser☆21Updated 5 months ago
- General Content☆26Updated 10 months ago
- MalStatWare automates malware analysis with Python. Extract key details like file size, type, hash, path, and digital signature. It analy…☆29Updated last year
- DEFCON 31 slide deck and video link☆62Updated this week
- Indicators of compromise from to analysis and research by Nextron Threat Research team☆10Updated 2 weeks ago
- Slides of my public talks☆55Updated last year
- This repo contains a list of vendors that hide their security advisories, alerts, notices, vulnerabilities, and more behind either a payw…☆32Updated last year
- ESXi Cyber Security Incident Response Script☆22Updated 9 months ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆52Updated last year
- msuserstats is a comprehensive Powershell tool to manage accounts from Microsoft Entra ID and Active Directory. It supports: a unified vi…☆40Updated 2 months ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆105Updated 7 months ago
- Finding ClickFix and FakeCAPTCHA like it's 1999☆38Updated this week
- Simulation of Akira Ransomware with Invoke-AtomicTest☆16Updated 10 months ago
- Python Prototype Scripts to Exploit or Discover Network vulnerabilities and misconfiguration.☆18Updated last year