Te-k / analyst-scripts

Related projects: ⓘ

• sapphirex00 / Threat-Hunting
  Personal compilation of APT malware from whitepaper releases, documents and own research
  ☆253Updated 5 years ago
• k-vitali / Malware-Misc-RE
  Miscellaneous Malware RE
  ☆195Updated 2 years ago
• MISP / MISP-maltego
  Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
  ☆166Updated 2 months ago
• mnemonic-no / grafeo
  Open platform for modelling, collection and exchange of knowledge
  ☆154Updated 6 months ago
• Neo23x0 / vti-dorks
  Awesome VirusTotal Intelligence Search Queries
  ☆325Updated last year
• kirk-sayre-work / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆90Updated this week
• airbus-cert / regrippy
  A modern Python-3-based alternative to RegRipper
  ☆184Updated 11 months ago
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆94Updated 3 months ago
• 504ensicsLabs / DAMM
  Differential Analysis of Malware in Memory
  ☆209Updated 7 years ago
• NextronSystems / valhallaAPI
  Valhalla API Client
  ☆62Updated last year
• misterch0c / what_is_this_c2
  For all these times you're asking yourself "what is this panel again?"
  ☆251Updated last year
• neonprimetime / PhishingKitTracker
  PROJECT PAUSED 1/11/22, Tracking Threat Actor Emails in Phishing Kits. CC @PhishKitTracker on twitter if you find a #threatactoremail in …
  ☆98Updated 2 years ago
• JohnLaTwC / PyPowerShellXray
  Python script to decode common encoded PowerShell scripts
  ☆214Updated 6 years ago
• certsocietegenerale / fame_modules
  Community modules for FAME
  ☆63Updated 2 weeks ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆102Updated 6 years ago
• Xumeiquer / yara-forensics
  Set of Yara rules for finding files using magics headers
  ☆134Updated 4 years ago
• 0x4D31 / deception-as-detection
  Deception based detection techniques mapped to the MITRE’s ATT&CK framework
  ☆280Updated 6 years ago
• aptnotes / tools
  Tools to interact with APTnotes reporting/index.
  ☆94Updated 3 years ago
• ashemery / CuckooVM
  Cuckoo running in a nested hypervisor
  ☆128Updated 4 years ago
• unixfreaxjp / malwaremustdie
  repository of tools & resources of the MMD team
  ☆131Updated 2 years ago
• bartblaze / MaTiRe
  Malware Analysis, Threat Intelligence and Reverse Engineering: LABS
  ☆80Updated 3 years ago
• rastrea2r / rastrea2r
  Collecting & Hunting for IOCs with gusto and style
  ☆235Updated 3 years ago
• cybercdh / phishfinder
  A tool designed to traverse phishing URL paths to search for phishing kit source code.
  ☆89Updated last year
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆180Updated 4 years ago
• jymcheong / AutoTTP
  Automated Tactics Techniques & Procedures
  ☆251Updated last year
• sysopfb / Malware_Scripts
  Various scripts for different malware families
  ☆106Updated 3 years ago
• ecstatic-nobel / Analyst-Arsenal
  A toolkit for Security Researchers
  ☆124Updated 5 years ago
• netspooky / inhale
  A malware analysis and classification tool.
  ☆193Updated 2 years ago
• WithSecureLabs / snake
  snake - a malware storage zoo
  ☆217Updated last year
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆128Updated last year