PwCUK-CTO / OperationCloudHopper
Indicators of compromise relating to our report on APT10's targeting of global MSPs
☆10Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for OperationCloudHopper
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Updated 2 years ago
- Mass Triage Tools☆20Updated 4 months ago
- Set of utilities for getting information about Windows Events☆15Updated 6 years ago
- Site for IWS book content☆18Updated 6 years ago
- Scripts to help hunt for possible golden/silver TGT tickets☆16Updated 7 years ago
- Some rules, scripts of some use to us☆9Updated 3 weeks ago
- Force-Directed Graph Generator for Volatility Ouputs☆26Updated 5 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Updated 7 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Updated 8 years ago
- ☆12Updated 3 years ago
- Use DNS to hunt for threats including DGAs☆14Updated 8 years ago
- Registry Miner☆14Updated 6 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- Indices for courses in SANS' Network Security Operations curriculum☆15Updated 8 years ago
- Crack your macros like the math pros.☆33Updated 7 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Updated 4 years ago
- ☆29Updated 6 years ago
- Checks observables/ioc in TheHive/Cortex against the MISP warningslists☆14Updated 6 years ago
- Historical Observations of Actionable Reputation Data☆13Updated 6 years ago
- Plugins for the Viper Framework☆14Updated 5 years ago
- Steezy - Ghetto Yara Generation☆15Updated last year
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 7 years ago