Masood-M / yalihView external linksLinks
YALIH (Yet Another Low Interaction Honeyclient) is a low Interaction Client honeypot designed to detect malicious websites through signature, anomaly and pattern matching techniques
☆68Jun 18, 2019Updated 6 years ago
Alternatives and similar repositories for yalih
Users that are interested in yalih are comparing it to the libraries listed below
Sorting:
- set of entities for Maltego including common STIX objects and several flavors of kill chain.☆11May 6, 2015Updated 10 years ago
- Vagrant configuration to setup a Thug honeyclient VM☆20Feb 26, 2015Updated 10 years ago
- A browser extension that seamlessly integrates your yara match notifications into VirusTotal Intelligence.☆17Feb 8, 2015Updated 11 years ago
- ☆20Nov 22, 2016Updated 9 years ago
- ☆29May 4, 2016Updated 9 years ago
- Just another tool to extract Indicator of compromise (ioc) from files☆29Oct 1, 2015Updated 10 years ago
- File Scanning Framework☆295Sep 15, 2021Updated 4 years ago
- Experimental High Assurance Cryptographic Library☆20Feb 1, 2016Updated 10 years ago
- Modern Honey Network deployment with ansible☆12Jun 4, 2022Updated 3 years ago
- threat language parser☆60Apr 20, 2015Updated 10 years ago
- C version of the MetroHash function☆27Jun 8, 2015Updated 10 years ago
- Clojure library that abstracts libsodium's NaCl primitives (curve25519, ed25519, blake2b, box/unbox, sign/verify, etc.)☆10Jul 4, 2016Updated 9 years ago
- Kippo configured to be a backdoored netscreen☆11Dec 22, 2015Updated 10 years ago
- A list of backdoor samples I find online.☆13Dec 16, 2019Updated 6 years ago
- Indicator of Compromise Mapping Service☆12Apr 15, 2014Updated 11 years ago
- Identify botnet panels with Ensembled Decision Trees☆18Aug 3, 2016Updated 9 years ago
- CrowdStrike Feed Management System. CrowdFMS is a framework for automating collection and processing of samples from VirusTotal, by lever…☆131Nov 13, 2018Updated 7 years ago
- Manage VT Alerts☆62Oct 4, 2016Updated 9 years ago
- Home to the ActorTrackr source code☆24Jun 21, 2017Updated 8 years ago
- Docker container for MISP☆96Jun 20, 2018Updated 7 years ago
- Honeypot Intelligence with Splunk☆256Oct 18, 2018Updated 7 years ago
- Tools☆13Apr 20, 2023Updated 2 years ago
- Under Your Radar (UYR): Exfiltration using Steganography☆18Mar 28, 2015Updated 10 years ago
- Enables dynamic translation of structured data between formats☆14Dec 14, 2018Updated 7 years ago
- ☆46Apr 6, 2017Updated 8 years ago
- Carving tool based in Radare2 & Yara☆16Oct 30, 2018Updated 7 years ago
- Debian and Red Hat packaging for SIE DNS sensor☆15May 5, 2023Updated 2 years ago
- MISP Workbench☆28Oct 19, 2016Updated 9 years ago
- IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.☆1,107Dec 2, 2025Updated 2 months ago
- Python low-interaction honeyclient☆1,020Updated this week
- SNES PPU reverse engineering attempt☆13Mar 19, 2023Updated 2 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Aug 3, 2019Updated 6 years ago
- Splunk integration with MISP☆12Apr 14, 2018Updated 7 years ago
- Threat Intelligence distribution☆31Dec 30, 2015Updated 10 years ago
- Python API bindings for FireEye Products☆13Feb 17, 2021Updated 4 years ago
- Simple DNS exfiltration using base64-encoded URL's☆14Jul 25, 2017Updated 8 years ago
- local dns cache to anti dns polution in china. inspired by chinadns. writing in ruby☆11Jul 8, 2020Updated 5 years ago
- A deceptively simple way to add a configuration file to a command-line application.☆17Mar 11, 2025Updated 11 months ago
- Script for pulling events from a MISP database and converting them to Autofocus queries.☆13Dec 28, 2015Updated 10 years ago