Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".
☆14 · Jul 12, 2021 · Updated 4 years ago
Alternatives and similar repositories for SANSCTISummit2021-xStart
Users that are interested in SANSCTISummit2021-xStart are comparing it to the libraries listed below.
- Indicators of compromise relating to our report on APT10's targeting of global MSPs ☆10 · Sep 26, 2017 · Updated 8 years ago
- Python 3 library to build YARA rules. ☆13 · Oct 24, 2021 · Updated 4 years ago
- A tool to help malware analysts signature unique parts of RTF documents ☆28 · Jan 5, 2026 · Updated 2 months ago
- Triage automation for suspect URLs ☆13 · Jul 23, 2019 · Updated 6 years ago
- An add-on for Kodi to play random videos from a variety of lists. ☆10 · May 9, 2023 · Updated 2 years ago
- Resources for SANS CTI Summit 2021 presentation ☆104 · Nov 8, 2023 · Updated 2 years ago
- Steezy - Ghetto Yara Generation ☆15 · Mar 27, 2023 · Updated 3 years ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation… ☆17 · Feb 13, 2025 · Updated last year
- Take a list of URIs and print all of the paths ☆10 · Aug 16, 2020 · Updated 5 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆23 · Jan 31, 2024 · Updated 2 years ago
- ☆12 · Jun 29, 2021 · Updated 4 years ago
- Python libraries for Windows system coding ☆15 · May 13, 2020 · Updated 5 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing ☆24 · May 29, 2023 · Updated 2 years ago
- Low budget VirusTotal Intelligence Cosplay ☆20 · Jan 6, 2022 · Updated 4 years ago
- FRAC and RIFT ☆17 · Mar 16, 2019 · Updated 7 years ago
- Scripts to aid analysis of files obfuscated with ScatterBee. ☆24 · Jan 6, 2023 · Updated 3 years ago
- ☆24 · Oct 30, 2024 · Updated last year
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co… ☆23 · Aug 7, 2024 · Updated last year
- RenameLocalVars is an IDA plugin that renames local variables to something easier to read. ☆15 · Jul 9, 2023 · Updated 2 years ago
- Ladon POC Module CVE-2019-11043 (PHP-FPM + Nginx) ☆16 · Nov 11, 2019 · Updated 6 years ago
- Network Forensics Workshop Files ☆17 · Apr 21, 2015 · Updated 10 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE ☆33 · May 25, 2024 · Updated last year
- My collection of scripts for Ghidra (https://github.com/NationalSecurityAgency/ghidra) ☆10 · Sep 13, 2020 · Updated 5 years ago
- Ansible playbook to convert Sigma rules to ElastAlert rules ☆10 · Feb 5, 2021 · Updated 5 years ago
- Malware analysis tool ☆22 · Apr 27, 2025 · Updated 11 months ago
- Network security visualization tool, showcasing live traffic between internal and external hosts in a real-time visualization. ☆27 · Apr 11, 2023 · Updated 2 years ago
- Module for FoundryVTT that scales the grid. ☆10 · Nov 7, 2023 · Updated 2 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers. ☆47 · Feb 17, 2021 · Updated 5 years ago
- Private Search Set (PSS) is an extension to standard Bloom filter or a standalone hash file to describe and share private set. ☆16 · Jan 10, 2025 · Updated last year
- collection of links related to using and improving windbg ☆20 · Jun 17, 2018 · Updated 7 years ago
- Splunk integration with MISP ☆12 · Apr 14, 2018 · Updated 7 years ago
- Simple Ansible playbook and role for setting a software channel and upgrading RouterOS on mikrotik devices ☆12 · Aug 1, 2022 · Updated 3 years ago
- A project to create a stub/mock environment for testing ExecuteScript processors ☆31 · Aug 10, 2018 · Updated 7 years ago
- A tool for studying JavaScript malware. ☆15 · Mar 20, 2026 · Updated last week
- An open source RAT from China ☆26 · Oct 28, 2016 · Updated 9 years ago
- Various snippets created during malware analysis ☆22 · Apr 29, 2018 · Updated 7 years ago
- Template for MkDocs Material ☆11 · Jan 1, 2026 · Updated 2 months ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner ☆24 · Mar 27, 2017 · Updated 9 years ago
- Threat Box Assessment Tool ☆19 · Mar 5, 2026 · Updated 3 weeks ago