MISP / evtx-toolkit
Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream
☆11Updated 3 years ago
Related projects: ⓘ
- ☆37Updated this week
- ☆42Updated last year
- Automated detection rule analysis utility☆29Updated last year
- ☆40Updated 5 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆74Updated 2 years ago
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated last year
- THOR MITRE ATT&CK Framework Coverage☆24Updated 4 years ago
- Links to malware-related YARA rules☆14Updated last year
- Automatic detection engineering technical state compliance☆49Updated 2 months ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆76Updated 2 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 4 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆65Updated 2 years ago
- Carbon Black Response IR tool☆53Updated 3 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆49Updated 2 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆39Updated 11 months ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆57Updated last year
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- A MITRE ATT&CK Lookup Tool☆41Updated 4 months ago
- Collection of YARA signatures from individual research☆41Updated 10 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆32Updated 2 years ago
- Tweettioc Splunk App☆20Updated 4 years ago
- ☆25Updated 3 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆34Updated 2 years ago
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆23Updated 5 years ago
- Active C2 IoCs☆96Updated last year
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Because phishtank was taken.. explore phishing kits in a contained environment!☆43Updated 2 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago