Neo23x0 / Rewind

Related projects: ⓘ

• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆95Updated last year
• huebicode / abuselookup-gui
  A GUI to query the API of abuse.ch.
  ☆69Updated 2 years ago
• nccgroup / KilledProcessCanary
  A canary designed to minimize the impact from certain Ransomware actors
  ☆98Updated 3 years ago
• slaughterjames / excelpeek
  ☆37Updated 2 years ago
• hpthreatresearch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆143Updated 11 months ago
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆58Updated 6 months ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• Neo23x0 / YARA-Performance-Guidelines
  A guide on how to write fast and memory friendly YARA rules
  ☆123Updated last year
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆75Updated 2 years ago
• imp0rtp3 / Yobi
  Yara Based Detection Engine for web browsers
  ☆47Updated 3 years ago
• fox-it / dissect.target
  The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access…
  ☆41Updated this week
• mkorman90 / sysmon-config-bypass-finder
  Detect possible sysmon logging bypasses given a specific configuration
  ☆107Updated 5 years ago
• 3c7 / yaramanager
  Simple yara rule manager
  ☆64Updated last year
• lp-db / lp-db
  Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...).
  ☆37Updated last year
• SwitHak / SwitHak.github.io
  SwitHak' Security Place for my Opinions and Work
  ☆34Updated last year
• OTRF / API-To-Event
  A repo to document API functions mapped to security events across diverse platforms
  ☆74Updated 4 years ago
• fireeye / BitsParser
  ☆137Updated 3 months ago
• mrcbax / honeyup
  An uploader honeypot designed to look like poor website security.
  ☆25Updated 2 years ago
• ninoseki / uzen
  Website crawler with YARA detection
  ☆87Updated last year
• Neo23x0 / xorex
  XOR Key Extractor
  ☆48Updated last month
• nccgroup / Wubes
  Qubes containerization on Windows
  ☆130Updated 3 years ago
• tap-ir / tapir
  TAPIR is a multi-user, client/server, incident response framework
  ☆43Updated 2 years ago
• rgeoghan / app-password-persistence
  Using Microsoft 365 App Passwords for persistence
  ☆23Updated 4 years ago
• jklepsercyber / defender-detectionhistory-parser
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆109Updated 2 years ago
• ahhh / Cybersecurity-Tradecraft
  A repo to support the book
  ☆103Updated 3 years ago
• JYVSECTEC / PHR-model
  Prepare, Hunt, and Respond - Conceptual model against cyber attacks by JYVSECTEC
  ☆60Updated 2 years ago
• muteb / Hoarder
  This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …
  ☆191Updated 3 years ago
• hpthreatresearch / tools
  Scripts and tools accompanying HP Threat Research blog posts and reports.
  ☆48Updated 5 months ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆86Updated last year
• zerofox-oss / phishpond
  Because phishtank was taken.. explore phishing kits in a contained environment!
  ☆43Updated 2 years ago