TKCERT / winnti-suricata-lua

Related projects ⓘ

Alternatives and complementary repositories for winnti-suricata-lua

• TKCERT / winnti-detector
  Network detector for Winnti malware
  ☆20Updated 6 years ago
• nccgroup / yaml2yara
  Generate bulk YARA rules from YAML input
  ☆22Updated 4 years ago
• proferosec / Threat-Intelligence
  A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.
  ☆10Updated 5 years ago
• CERT-Bund / yara-exporter
  Exporting MISP event attributes to yara rules usable with Thor apt scanner
  ☆24Updated 7 years ago
• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆39Updated 4 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆15Updated 3 years ago
• B0fH / yara-suricata
  A Yara Lua output script for Suricata
  ☆19Updated 5 years ago
• DissectMalware / base64_substring
  Generate a Yara rule to find base64-encoded files containg a specific keyword
  ☆40Updated 6 years ago
• jaegeral / osint_to_timesketch
  Virustotal Data to Timesketch
  ☆17Updated 5 years ago
• SekoiaLab / FastIR_Agent
  FastIR Agent is a Windows service to execute FastIR Collector on demand
  ☆14Updated 7 years ago
• Neo23x0 / prisma
  Command Line STDOUT Colorer
  ☆29Updated 3 years ago
• jeFF0Falltrades / IoCs
  A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo
  ☆30Updated 4 years ago
• fireeye / brocapi
  Bro PCAP Processing and Tagging API
  ☆28Updated 7 years ago
• schrodyn / steezy
  Steezy - Ghetto Yara Generation
  ☆15Updated last year
• binarlyhq / binarly-query
  Command-line Interface for Binar.ly
  ☆37Updated 7 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 6 years ago
• Beercow / ProcDOT-Plugins
  Plugins to add funtionality to ProcDOT. http://www.procdot.com
  ☆22Updated last year
• 0xrawsec / gene-rules
  ☆39Updated 2 years ago
• DissectMalware / MalwareCMDMonitor
  Shows command lines used by latest instances analyzed on Hybrid-Analysis
  ☆43Updated 6 years ago
• reed1713 / ELAT
  Event Log Analysis Tools
  ☆29Updated 8 years ago
• arieljt / VTvHash-Maltego
  A Maltego transform for VirusTotal vHash
  ☆31Updated 5 years ago
• raw-data / malarchive
  Malware samples observed in the wild from time to time
  ☆12Updated 5 years ago
• bsi-group / autorun-logger-server
  Server for receiving autorun data from the clients
  ☆13Updated 7 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• bonifield / volatilityGrapher
  Force-Directed Graph Generator for Volatility Ouputs
  ☆26Updated 5 years ago
• iAbdullahMughal / dscan
  D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit
  ☆29Updated this week
• faisalusuf / ThreatIntelligence
  Tracking APT IOCs
  ☆25Updated 3 years ago
• Kafeine / public
  ☆19Updated 6 years ago
• certsocietegenerale / fame_modules
  Community modules for FAME
  ☆64Updated last week