SentineLabs / macos-ttps-yara

Related projects: ⓘ

• facebookincubator / ForgeArmory
  ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
  ☆84Updated last week
• mnrkbys / ma2tl
  macOS forensic timeline generator using the analysis result DBs of mac_apt
  ☆88Updated last year
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆61Updated 7 months ago
• bartblaze / FARA
  Repository that contains a set of purposefully erroneous Yara rules.
  ☆47Updated 8 months ago
• elastic / SWAT
  Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…
  ☆159Updated last month
• bradleyjkemp / sigma-esf
  Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework
  ☆20Updated 3 years ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆130Updated last month
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆45Updated 3 months ago
• korniko98 / pivot-atlas
  ☆79Updated last month
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆56Updated 2 weeks ago
• elastic / labs-releases
  Elastic Security Labs releases
  ☆46Updated 3 weeks ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆108Updated 5 months ago
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆57Updated last year
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆76Updated last year
• referefref / aiocrioc
  An LLM and OCR based Indicator of Compromise Extraction Tool
  ☆28Updated 5 months ago
• MHaggis / ShellSweep
  ShellSweeping the evil.
  ☆49Updated 3 months ago
• threatcat-ch / malware-analysis-pipeline
  Lightweight Python-Based Malware Analysis Pipeline
  ☆29Updated this week
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆65Updated last month
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆71Updated 4 months ago
• fox-it / acquire
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆86Updated last week
• Ruler-Project / ruler-project
  Remote access and Antivirus Logging Database
  ☆39Updated 4 months ago
• Neo23x0 / yaraQA
  YARA rule analyzer to improve rule quality and performance
  ☆93Updated 9 months ago
• fboldewin / YARA_Detection_Engineering
  Detection Engineering with YARA
  ☆84Updated 8 months ago
• Neo23x0 / YARA-Performance-Guidelines
  A guide on how to write fast and memory friendly YARA rules
  ☆123Updated last year
• OTRF / GenAI-Security-Adventures
  ☆95Updated 3 months ago
• joeavanzato / LogBoost
  Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…
  ☆91Updated 2 months ago
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆108Updated last year
• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆30Updated last year
• SentineLabs / XProtect-Malware-Families
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆82Updated 4 months ago