Neo23x0 / panopticon
A YARA Rule Performance Measurement Tool
☆58Updated 6 months ago
Related projects: ⓘ
- Malware similarity platform with modularity in mind.☆75Updated 3 years ago
- A repo to document API functions mapped to security events across diverse platforms☆74Updated 4 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆41Updated 3 years ago
- Random hunting ordiented yara rules☆95Updated last year
- pollen - A command-line tool for interacting with TheHive☆34Updated 5 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆39Updated 6 years ago
- XOR Key Extractor☆48Updated last month
- A collection of typical false positive indicators☆54Updated 3 years ago
- Collection of YARA signatures from individual research☆41Updated 9 months ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆15Updated 3 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆36Updated last year
- Simple yara rule manager☆64Updated last year
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.☆56Updated 2 years ago
- Automatic detection engineering technical state compliance☆49Updated 2 months ago
- Collection of scripts used to analyse malware or emails☆19Updated 3 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 2 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated last year
- Yara Based Detection Engine for web browsers☆47Updated 3 years ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.☆38Updated 2 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆59Updated 6 years ago
- I wanted to call this repo "Nuclear Football Codes". I was outvoted..☆68Updated 2 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆76Updated 2 years ago
- Repository for my ATT&CK analysis research.☆68Updated 5 years ago
- ☆52Updated 5 years ago
- Repository with selected IOCs and YARA rules for threat hunting.☆31Updated 3 weeks ago
- pocket guide for core threat hunting concepts☆23Updated 4 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆107Updated 5 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 5 years ago
- Steezy - Ghetto Yara Generation☆15Updated last year