NybbleHub / Bluekeep-Detection-Rule
BlueKeep detection rule built on the Apache Flink CEP (Complex Event Processing) library and a Markov chain.
☆9, updated 5 years ago
Alternatives and similar repositories for Bluekeep-Detection-Rule
Users interested in Bluekeep-Detection-Rule are comparing it to the repositories listed below.
- ssdeep cluster analysis for malware files (☆31, updated 5 years ago)
- Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps (☆15, updated 7 years ago)
- Collection of malware IoC hashes from blog posts. A Python script is provided to search through it (☆17, updated 4 years ago)
- Simplified go-cat agent for caldera (☆10, updated last year)
- Links to malware-related YARA rules (☆15, updated 2 years ago)
- (no description) (☆41, updated 2 years ago)
- Suricata rule and intel index (☆31, updated 3 months ago)
- Generate bulk YARA rules from YAML input (☆22, updated 5 years ago)
- All necessary code in order to feed Sysmon data into a Recurrent Neural Network (☆17, updated 4 years ago)
- Bro integration with osquery (☆15, updated 2 years ago)
- Network timing evaluation used to detect beacons; works with argus flow as the source (☆20, updated 9 years ago)
- Threat detection rule set (☆15, updated 5 years ago)
- (no description) (☆12, updated 7 years ago)
- Code to extract the shellcode from a maldoc (☆10, updated last year)
- Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation (☆16, updated 6 years ago)
- Threat Detection Rules (Snort/Sigma/Yara) (☆13, updated last year)
- Go bindings for YARA (☆14, updated last year)
- A set of YARA rules for the AIL framework to detect leaks or information disclosure (☆38, updated 4 months ago)
- Threat Mapping Catalogue (☆17, updated 3 years ago)
- Epimitheus is a tool that uses the Neo4j graph database for Windows Events visualization (☆19, updated 3 years ago)
- (no description) (☆17, updated 6 months ago)
- Invoke-Decoder – A PowerShell script to decode/deobfuscate malware samples (☆19, updated 4 years ago)
- (no description) (☆24, updated 5 years ago)
- Bro PCAP Processing and Tagging API (☆28, updated 7 years ago)
- IoCs, PCREs, YARA rules, etc. (☆24, updated 3 months ago)
- Repository collecting and automatically processing public threat intelligence reports (☆18, updated 5 years ago)
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research (☆53, updated 7 years ago)
- Maintain Windows Persistence with an evil Netshell Helper DLL (☆12, updated 6 years ago)
- ATT&CK tactics and techniques data (☆16, updated 4 years ago)
- Is this IP a C2 server? (☆28, updated 5 years ago)