Threat Box Assessment Tool
☆19Aug 15, 2021Updated 4 years ago
Alternatives and similar repositories for tbat
Users that are interested in tbat are comparing it to the libraries listed below
Sorting:
- Import specific data sources into the Sigma generic and open signature format.☆79May 6, 2022Updated 3 years ago
- Collection of scripts used to analyse malware or emails☆20Oct 6, 2020Updated 5 years ago
- ☆20Feb 22, 2021Updated 5 years ago
- Misc malware stuff☆11Sep 30, 2020Updated 5 years ago
- Scripts, Yara rules and other files developed during malware investigations☆27Aug 19, 2022Updated 3 years ago
- experimenting w/ apple script for various macOS functionality☆14Aug 4, 2019Updated 6 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- Some rules, scripts of some use to us☆11Oct 25, 2024Updated last year
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆28Apr 22, 2023Updated 2 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 3 months ago
- RenameLocalVars is an IDA plugin that renames local variables to something easier to read.☆15Jul 9, 2023Updated 2 years ago
- VirusTotal Intelligence Notification Puller☆28Jun 29, 2016Updated 9 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- MSTIC Notebook Components☆35Sep 4, 2025Updated 6 months ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆133Mar 28, 2022Updated 3 years ago
- KQL Cafe Website☆15Feb 23, 2026Updated last week
- MalwareAnalysis☆12Dec 19, 2020Updated 5 years ago
- Network Forensics Workshop Files☆17Apr 21, 2015Updated 10 years ago
- Repository to provide files related to our blog articles.☆16May 26, 2025Updated 9 months ago
- Cyber Threats Detection Rules☆14Sep 16, 2025Updated 5 months ago
- ☆35Oct 29, 2021Updated 4 years ago
- Incremental Machine Leaning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes☆16Aug 10, 2022Updated 3 years ago
- Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".☆14Jul 12, 2021Updated 4 years ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources☆13Jun 24, 2018Updated 7 years ago
- Modular command-line threat hunting tool & framework.☆17Jul 20, 2020Updated 5 years ago
- Misc Threat Hunting Resources☆377Jan 26, 2023Updated 3 years ago
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆144Apr 20, 2023Updated 2 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆69Apr 12, 2022Updated 3 years ago
- Resources for SANS CTI Summit 2021 presentation☆104Nov 8, 2023Updated 2 years ago
- Conceptual Methods for Finding Commonalities in Macho Files☆12Mar 21, 2024Updated last year
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆118Dec 13, 2023Updated 2 years ago
- A community event for security researchers to share their favorite notebooks☆108Feb 15, 2024Updated 2 years ago
- Repository containing Jupyter Notebooks for working with OSQuery tables and data☆17May 8, 2020Updated 5 years ago
- Get USB Devices from Registry hives☆22Nov 15, 2021Updated 4 years ago
- Bro integration with osquery☆15Mar 24, 2023Updated 2 years ago
- Malware analysis tool☆22Apr 27, 2025Updated 10 months ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Apr 25, 2022Updated 3 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Jan 26, 2022Updated 4 years ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆127Dec 5, 2023Updated 2 years ago