PaloAltoNetworks / pyjarmLinks
pyJARM is a library for doing JARM fingerprinting using python
☆50Updated 5 months ago
Alternatives and similar repositories for pyjarm
Users that are interested in pyjarm are comparing it to the libraries listed below
Sorting:
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆142Updated 2 years ago
- Active C2 IoCs☆99Updated 2 years ago
- A cyber threat intelligence chatbot that ingested 2200+ reports from vx-underground.☆31Updated last year
- Website crawler with YARA detection☆88Updated 2 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆14Updated last year
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic☆44Updated last year
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)☆103Updated 2 months ago
- ☆44Updated 2 months ago
- ☆46Updated 2 years ago
- Hfinger - fingerprinting HTTP requests☆139Updated 2 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆36Updated 3 years ago
- Threat Mapping Catalogue☆17Updated 4 years ago
- A MITRE Caldera plugin☆46Updated 10 months ago
- ☆43Updated 2 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Updated 3 years ago
- A set of YARA rules for the AIL framework to detect leak or information disclosure☆38Updated 7 months ago
- Collection of YARA signatures from individual research☆44Updated last year
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Updated last year
- Yara station is a management portal for Neo23x0-Loki. The mission is to transform the standalone nature of the Loki scanner into a centra…☆36Updated 3 years ago
- ☆25Updated 2 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year
- ☆41Updated 3 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 5 years ago
- HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.☆77Updated 2 years ago
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆86Updated 3 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆68Updated 3 years ago
- Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .☆65Updated last year
- Python based CLI for MalwareBazaar☆37Updated last month
- Tracking APT IOCs☆25Updated 4 years ago