Loginsoft-LLC / Linux-Exploit-Detection
Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma
☆ 19 · Updated 9 months ago

Related projects:
- First iteration of ML based Feedback WAF · ☆ 54 · Updated 6 months ago
- An Adaptive Misuse Detection System · ☆ 27 · Updated 2 weeks ago
- (no description) · ☆ 19 · Updated this week
- Some of my rough notes for Docker threat detection · ☆ 46 · Updated last year
- yara detection rules for hunting with the threathunting-keywords project · ☆ 75 · Updated last week
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex. · ☆ 27 · Updated last year
- Lightweight Python-Based Malware Analysis Pipeline · ☆ 29 · Updated this week
- HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns. · ☆ 75 · Updated last year
- Malware Analysis tools · ☆ 22 · Updated this week
- Presentation materials for my Black Hat USA 2022 Briefing and Arsenal talks · ☆ 64 · Updated 2 years ago
- Detecting Cobalt Strike Team Servers on targets through traffic telemetry. · ☆ 19 · Updated last month
- IOCPARSER.COM is a fast and reliable service that enables you to extract IOCs and intelligence from different data sources. · ☆ 34 · Updated 2 years ago
- Method of finding interesting domains using keywords + JARMs · ☆ 13 · Updated last year
- Slides and materials for conference presentations · ☆ 12 · Updated last year
- BlueBox malware analysis box and cyber threat intelligence. · ☆ 38 · Updated 2 years ago
- Look into EDR events from network · ☆ 23 · Updated 5 months ago
- (no description) · ☆ 42 · Updated 2 years ago
- Manage attack surface data on Elasticsearch · ☆ 19 · Updated 10 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine. · ☆ 74 · Updated 2 years ago
- Information about ransomware groups (Ransomware Analysis Notes) · ☆ 36 · Updated 8 months ago
- Data exfiltration and covert communication tool · ☆ 36 · Updated last year
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups · ☆ 57 · Updated last year
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou… · ☆ 22 · Updated 11 months ago
- GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments · ☆ 88 · Updated 2 months ago
- JA4TScan is an active TCP server fingerprinting tool. · ☆ 44 · Updated 3 weeks ago
- AI Powered Sensitive Information Detection · ☆ 17 · Updated 6 months ago
- A set of YARA rules for the AIL framework to detect leaks or information disclosure · ☆ 36 · Updated 2 months ago
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC) · ☆ 37 · Updated last month
- Modular malware analysis artifact collection and correlation framework · ☆ 49 · Updated 4 months ago
- MUSHIKAGO-femto is an automated penetration testing and first aid tool · ☆ 15 · Updated 2 years ago