Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".
☆14 · Jul 12, 2021 · Updated 4 years ago
Alternatives and similar repositories for SANSCTISummit2021-xStart
Users that are interested in SANSCTISummit2021-xStart are comparing it to the libraries listed below.
- Indicators of compromise relating to our report on APT10's targeting of global MSPs ☆10 · Sep 26, 2017 · Updated 8 years ago
- Python 3 library to build YARA rules. ☆13 · Oct 24, 2021 · Updated 4 years ago
- A tool to help malware analysts signature unique parts of RTF documents ☆28 · Jan 5, 2026 · Updated 5 months ago
- Triage automation for suspect URLs ☆13 · Jul 23, 2019 · Updated 6 years ago
- Resources for SANS CTI Summit 2021 presentation ☆104 · Nov 8, 2023 · Updated 2 years ago
- Steezy - Ghetto Yara Generation ☆15 · Mar 27, 2023 · Updated 3 years ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation… ☆18 · Feb 13, 2025 · Updated last year
- Take a list of URIs and print all of the paths ☆10 · Aug 16, 2020 · Updated 5 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆23 · Jan 31, 2024 · Updated 2 years ago
- ☆12 · Jun 29, 2021 · Updated 4 years ago
- Python libraries for Windows system coding ☆15 · May 13, 2020 · Updated 6 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing ☆24 · May 29, 2023 · Updated 3 years ago
- Low budget VirusTotal Intelligence Cosplay ☆20 · Jan 6, 2022 · Updated 4 years ago
- FRAC and RIFT ☆17 · Mar 16, 2019 · Updated 7 years ago
- Quick lookup files for SUNBURST Backdoor ☆12 · Dec 15, 2020 · Updated 5 years ago
- Scripts to aid analysis of files obfuscated with ScatterBee. ☆24 · Jan 6, 2023 · Updated 3 years ago
- Persistent twitter monitor tool for 2021 SANS OSINT Summit Talk ☆18 · Mar 3, 2022 · Updated 4 years ago
- ☆24 · Oct 30, 2024 · Updated last year
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co… ☆23 · Aug 7, 2024 · Updated last year
- RenameLocalVars is an IDA plugin that renames local variables to something easier to read. ☆15 · Jul 9, 2023 · Updated 2 years ago
- Ladon POC Module CVE-2019-11043 (PHP-FPM + Nginx) ☆16 · Nov 11, 2019 · Updated 6 years ago
- Network Forensics Workshop Files ☆17 · Apr 21, 2015 · Updated 11 years ago
- My collection of scripts for Ghidra (https://github.com/NationalSecurityAgency/ghidra) ☆10 · Sep 13, 2020 · Updated 5 years ago
- Ansible playbook to convert Sigma rules to ElastAlert rules ☆10 · Feb 5, 2021 · Updated 5 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE ☆34 · May 25, 2024 · Updated 2 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers. ☆47 · Feb 17, 2021 · Updated 5 years ago
- Private Search Set (PSS) is an extension to a standard Bloom filter or a standalone hash file to describe and share a private set. ☆16 · Jan 10, 2025 · Updated last year
- Splunk integration with MISP ☆11 · Apr 14, 2018 · Updated 8 years ago
- Collection of links related to using and improving WinDbg ☆20 · Jun 17, 2018 · Updated 8 years ago
- Simple Ansible playbook and role for setting a software channel and upgrading RouterOS on MikroTik devices ☆12 · Aug 1, 2022 · Updated 3 years ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework. ☆58 · May 24, 2021 · Updated 5 years ago
- A project to create a stub/mock environment for testing ExecuteScript processors ☆30 · Aug 10, 2018 · Updated 7 years ago
- A tool for studying JavaScript malware. ☆15 · Jun 9, 2026 · Updated last week
- Various snippets created during malware analysis ☆22 · Apr 29, 2018 · Updated 8 years ago
- Exporting MISP event attributes to YARA rules usable with the THOR APT scanner ☆25 · Mar 27, 2017 · Updated 9 years ago
- Threat Box Assessment Tool ☆19 · Mar 5, 2026 · Updated 3 months ago
- A script to assist in processing forensic RAM captures for malware triage ☆26 · Feb 4, 2021 · Updated 5 years ago
- Simple Ansible role and playbook to harden a MikroTik RouterOS device ☆14 · Jul 26, 2019 · Updated 6 years ago
- DEFCON 26 Flying Skull Badge ☆15 · Jun 6, 2021 · Updated 5 years ago