Symantec / threathunters
☆29 · Jan 9, 2025 · Updated last year
Alternatives and similar repositories for threathunters
Users that are interested in threathunters are comparing it to the libraries listed below
- Provides a multi-platform Graphical User Interface for hashlookup · ☆12 · Jul 12, 2024 · Updated last year
- Scripts developed to help in mobile forensics investigations · ☆10 · Jul 4, 2017 · Updated 8 years ago
- DNS Dashboard for hunting and identifying beaconing · ☆16 · Jul 29, 2020 · Updated 5 years ago
- Random stuff for FlareOn · ☆14 · Oct 6, 2018 · Updated 7 years ago
- Repository of Cofense Coronavirus Phishing Yara Rules (details can be found here: https://cofense.com/solutions/topic/coronavirus-infocen… · ☆10 · Jul 7, 2020 · Updated 5 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility · ☆38 · Jul 18, 2024 · Updated last year
- Assists analysts and threat hunters in understanding Windows authentication logs and analyzing brute-force scenarios. · ☆20 · Jul 1, 2023 · Updated 2 years ago
- macOS Artifact Intelligence Tool · ☆13 · Apr 30, 2019 · Updated 6 years ago
- Study material used for the 2018 CISSP exam · ☆11 · May 20, 2019 · Updated 6 years ago
- ☆19 · Jul 21, 2022 · Updated 3 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging. · ☆21 · Nov 13, 2022 · Updated 3 years ago
- ☆21 · Jul 27, 2020 · Updated 5 years ago
- All the useful tools interesting to be used · ☆24 · Sep 20, 2022 · Updated 3 years ago
- ☆25 · Jul 23, 2024 · Updated last year
- Utilities for working with vivisect · ☆26 · Oct 1, 2025 · Updated 4 months ago
- Yara rules · ☆22 · Mar 27, 2023 · Updated 2 years ago
- NTFS samples · ☆27 · Aug 1, 2020 · Updated 5 years ago
- Repository for LNK stuff · ☆31 · Aug 31, 2022 · Updated 3 years ago
- Scripts, Yara rules and other files developed during malware investigations · ☆27 · Aug 19, 2022 · Updated 3 years ago
- ☆23 · Aug 10, 2020 · Updated 5 years ago
- Carve file metadata from NTFS index ($I30) attributes · ☆71 · Feb 3, 2024 · Updated 2 years ago
- A community event for security researchers to share their favorite notebooks · ☆108 · Feb 15, 2024 · Updated last year
- Get-UnJlaive is a tool that can reconstruct Jlaive (.NET Antivirus Evasion Tool (Exe2Bat)) to the original Assembly and stub Assembly. · ☆22 · May 19, 2022 · Updated 3 years ago
- CSIRT Jump Bag · ☆27 · Apr 25, 2024 · Updated last year
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. · ☆36 · Jul 11, 2023 · Updated 2 years ago
- Windows Security Logging · ☆43 · Jul 17, 2022 · Updated 3 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch · ☆34 · Feb 2, 2022 · Updated 4 years ago
- ☆35 · Oct 29, 2021 · Updated 4 years ago
- Collection of rules created using YARA-Signator over Malpedia · ☆142 · Jan 6, 2026 · Updated last month
- Searches for Insider Threat Hunting · ☆30 · May 2, 2019 · Updated 6 years ago
- ☆33 · Oct 25, 2021 · Updated 4 years ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incident responses ... · ☆141 · Nov 19, 2023 · Updated 2 years ago
- Various capabilities for static malware analysis. · ☆79 · Sep 4, 2024 · Updated last year
- Stand-alone parser for User Access Logging from Server 2012 and newer systems · ☆78 · Jan 9, 2024 · Updated 2 years ago
- A Python script developed to process Windows memory images based on triage type. · ☆264 · Nov 25, 2023 · Updated 2 years ago
- A set of YARA rules for the AIL framework to detect leak or information disclosure · ☆41 · Jan 31, 2025 · Updated last year
- IOC from articles, tweets for archives · ☆318 · Dec 12, 2023 · Updated 2 years ago
- ☆48 · Jan 6, 2023 · Updated 3 years ago
- Metasploit framework via HTTP services · ☆10 · Jul 31, 2021 · Updated 4 years ago