RandomRhythm / Vendor-Threat-Triage-Lookup

Related projects ⓘ

Alternatives and complementary repositories for Vendor-Threat-Triage-Lookup

• lprat / static_file_analysis
  Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
  ☆49Updated last year
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 2 years ago
• jeFF0Falltrades / YARA-Signatures
  A collection of my public YARA signatures for various malware families
  ☆29Updated 2 months ago
• center-for-threat-informed-defense / attack-powered-suit
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆73Updated 3 weeks ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 2 years ago
• hvs-consulting / ioc_signatures
  Repository with selected IOCs and YARA rules for threat hunting.
  ☆32Updated 3 months ago
• imp0rtp3 / Yobi
  Yara Based Detection Engine for web browsers
  ☆47Updated 3 years ago
• EricZimmerman / RegistryExplorerBookmarks
  Registry Explorer bookmark definitions
  ☆41Updated last year
• deadbits / yara-rules
  Collection of YARA signatures from individual research
  ☆42Updated last year
• WiredPulse / Invoke-SRUMDump
  A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.
  ☆13Updated 3 years ago
• 3c7 / yaramanager
  Simple yara rule manager
  ☆65Updated last year
• 3c7 / bazaar
  Python based CLI for MalwareBazaar
  ☆36Updated 3 weeks ago
• svo80 / vti_search
  VirusTotal Intelligence Search
  ☆35Updated 4 years ago
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆95Updated last year
• mohlcyber / MISP-MVISION-EDR
  Integration between MISP platform and McAfee MVISION EDR
  ☆14Updated 2 years ago
• fireeye / HXTool
  HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physic…
  ☆79Updated 4 months ago
• woanware / wmi-parser
  Parses the WMI object database....looking for persistence
  ☆31Updated 4 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• adulau / hashlookup-server
  Fast lookup server for NSRL and other hash database used in digital forensic
  ☆41Updated 2 years ago
• stairwell-inc / threat-research
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆22Updated 9 months ago
• The-DFIR-Report / Yara-Rules
  ☆62Updated this week
• Beercow / SEPparser
  Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.
  ☆63Updated last year
• zerofox-oss / phishpond
  Because phishtank was taken.. explore phishing kits in a contained environment!
  ☆43Updated 2 years ago
• hm-seclab / YAFRA
  YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
  ☆27Updated 2 years ago
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆53Updated 7 months ago
• abusech / ThreatFox
  Open IOC sharing platform
  ☆53Updated 2 weeks ago
• moaistory / IE10Analyzer
  http://moaistory.blogspot.com/2016/08/ie10analyzer.html
  ☆14Updated 4 months ago
• rkovar / ransomwarelegality
  Can you pay the ransom in your country?
  ☆14Updated 11 months ago
• RandomRhythm / mal2csv
  Malformed Access Log to CSV - Convert Web Server Access Logs to CSV
  ☆15Updated 2 months ago