PwCUK-CTO / SANSCTISummit2021-xStart
Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".
☆14 · Jul 12, 2021 · Updated 4 years ago
Alternatives and similar repositories for SANSCTISummit2021-xStart
Users that are interested in SANSCTISummit2021-xStart are comparing it to the libraries listed below
- Indicators of compromise relating to our report on APT10's targeting of global MSPs ☆10 · Sep 26, 2017 · Updated 8 years ago
- A tool to help malware analysts signature unique parts of RTF documents ☆29 · Jan 5, 2026 · Updated last month
- Take a list of URIs and print all of the paths ☆10 · Aug 16, 2020 · Updated 5 years ago
- ☆12 · Jun 29, 2021 · Updated 4 years ago
- Python 3 library to build YARA rules. ☆13 · Oct 24, 2021 · Updated 4 years ago
- Steezy - Ghetto Yara Generation ☆15 · Mar 27, 2023 · Updated 2 years ago
- Triage automation for suspect URLs ☆13 · Jul 23, 2019 · Updated 6 years ago
- A tool for studying JavaScript malware. ☆15 · Feb 9, 2026 · Updated last week
- Network Forensics Workshop Files ☆17 · Apr 21, 2015 · Updated 10 years ago
- Python libraries for Windows system coding ☆15 · May 13, 2020 · Updated 5 years ago
- Malware analysis tool ☆22 · Apr 27, 2025 · Updated 9 months ago
- Ladon POC Module CVE-2019-11043 (PHP-FPM + Nginx) ☆16 · Nov 11, 2019 · Updated 6 years ago
- Various snippets created during malware analysis ☆22 · Apr 29, 2018 · Updated 7 years ago
- Collection of links related to using and improving WinDbg ☆20 · Jun 17, 2018 · Updated 7 years ago
- Threat Box Assessment Tool ☆19 · Aug 15, 2021 · Updated 4 years ago
- Scripts to aid analysis of files obfuscated with ScatterBee. ☆24 · Jan 6, 2023 · Updated 3 years ago
- Low budget VirusTotal Intelligence Cosplay ☆20 · Jan 6, 2022 · Updated 4 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing ☆25 · May 29, 2023 · Updated 2 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆23 · Jan 31, 2024 · Updated 2 years ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework. ☆58 · May 24, 2021 · Updated 4 years ago
- An open source RAT from China ☆26 · Oct 28, 2016 · Updated 9 years ago
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co… ☆23 · Aug 7, 2024 · Updated last year
- Decrypt NTDS hashes ☆23 · Jan 22, 2014 · Updated 12 years ago
- ☆50 · Dec 28, 2012 · Updated 13 years ago
- Memory Loader Open Source Project by Sentinel-Labs. ☆25 · Mar 26, 2021 · Updated 4 years ago
- ☆24 · Oct 30, 2024 · Updated last year
- IcedID Decryption Tool ☆28 · May 7, 2021 · Updated 4 years ago
- Scripts, YARA rules and other files developed during malware investigations ☆27 · Aug 19, 2022 · Updated 3 years ago
- A script to assist in processing forensic RAM captures for malware triage ☆26 · Feb 4, 2021 · Updated 5 years ago
- Resources for SANS CTI Summit 2021 presentation ☆104 · Nov 8, 2023 · Updated 2 years ago
- Various Modules & Scripts for use with Viper Framework ☆27 · Aug 20, 2019 · Updated 6 years ago
- Network security visualization tool, showcasing live traffic between internal and external hosts in a real-time visualization. ☆27 · Apr 11, 2023 · Updated 2 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex. ☆28 · Apr 22, 2023 · Updated 2 years ago
- ☆27 · Jun 17, 2021 · Updated 4 years ago
- ☆13 · Jul 13, 2020 · Updated 5 years ago
- Volatility memory forensics plugin for extracting Windows DNS Cache ☆29 · Mar 13, 2017 · Updated 8 years ago
- Command-line Interface for Binar.ly ☆39 · Jan 13, 2017 · Updated 9 years ago
- ☆11 · Sep 2, 2024 · Updated last year
- Module for FoundryVTT that scales the grid. ☆10 · Nov 7, 2023 · Updated 2 years ago