Neo23x0 / YARA-rules
Some YARA rules i will add from time to time
☆12Updated 5 years ago
Related projects: ⓘ
- Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- Site for IWS book content☆18Updated 5 years ago
- ☆28Updated 5 years ago
- PowerShell Memory Pulling script☆19Updated 9 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆26Updated 6 years ago
- Easy way to create a MISP event related to a Phishing page☆17Updated last year
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Updated 6 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 5 years ago
- Mass Triage Tools☆19Updated 2 months ago
- Recipes for GCHQ's CyberChef Web App☆35Updated 5 years ago
- Git for me to put all my forensics stuff☆21Updated 3 weeks ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆56Updated 6 years ago
- Create an incident response triage toolkit for use with Windows or Linux.☆17Updated 4 years ago
- incident response scripts☆18Updated 5 years ago
- Indices for courses in SANS' Network Security Operations curriculum☆14Updated 8 years ago
- A script to create and assign SOP tasks into the cases☆18Updated 4 years ago
- Scripts to help hunt for possible golden/silver TGT tickets☆16Updated 7 years ago
- Searches for Insider Threat Hunting☆30Updated 5 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 5 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆15Updated 3 years ago
- Expert Investigation Guides☆50Updated 3 years ago
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.☆12Updated 4 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 4 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Updated 6 years ago
- Use DNS to hunt for threats including DGAs☆14Updated 8 years ago
- Quick & Dirty DFIR scripts developed by Ebryx DFIR team to keep handy during field assignment☆14Updated 2 months ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- Modular command-line threat hunting tool & framework.☆16Updated 4 years ago
- Build your own threat hunting maturity model☆12Updated 6 years ago
- ☆40Updated this week