PaloAltoNetworks / pyjarm
pyJARM is a library for doing JARM fingerprinting using python
☆49Updated 3 weeks ago
Alternatives and similar repositories for pyjarm:
Users that are interested in pyjarm are comparing it to the libraries listed below
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Website crawler with YARA detection☆88Updated last year
- ☆24Updated 2 years ago
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic☆41Updated 8 months ago
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆139Updated 2 years ago
- HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.☆76Updated last year
- Hfinger - fingerprinting HTTP requests☆137Updated last year
- Assemblyline 4 Malware detonation service (Cuckoo)☆17Updated last year
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)☆100Updated 3 months ago
- Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...).☆39Updated 2 years ago
- Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules☆50Updated last year
- ☆44Updated last year
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Updated 3 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- A set of YARA rules for the AIL framework to detect leak or information disclosure☆38Updated 2 months ago
- Collection of YARA signatures from individual research☆44Updated last year
- Graph Representation of MITRE ATT&CK's CTI data☆48Updated 5 years ago
- Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .☆61Updated last year
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream☆11Updated 4 years ago
- Active C2 IoCs☆98Updated 2 years ago
- Because phishtank was taken.. explore phishing kits in a contained environment!☆46Updated 2 years ago
- Small web frontend for using openAI's GPT-3.5 and GPT-4's API☆53Updated last week
- Threat Mapping Catalogue☆17Updated 3 years ago
- Tracking APT IOCs☆25Updated 4 years ago
- Links to malware-related YARA rules☆15Updated 2 years ago
- ☆43Updated 2 years ago
- Create an entire YARA rule via Python? Whhhhhhaatttt?☆73Updated 6 years ago
- Tools used by CSIRT and especially in the scope of CNW☆16Updated 6 months ago