TedDriggs / cti

Related projects: ⓘ

• u-siem / u-siem-core
  Framework definitions that allow to build a custom SIEM.
  ☆24Updated 5 months ago
• puffyCid / artemis
  A cross platform forensic parser written in Rust!
  ☆61Updated this week
• WithSecureLabs / tau-engine
  A document tagging library
  ☆29Updated last year
• marirs / capa-rs
  File Capability Extractor
  ☆11Updated 2 months ago
• Hugal31 / yara-rust
  Rust bindings for VirusTotal/Yara
  ☆74Updated 3 months ago
• malwaredb / malwaredb-rs
  MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
  ☆28Updated this week
• hashlookup / poppy
  Rust implementation of the DCSO Bloom filter
  ☆26Updated last month
• avast / yarang
  Alternative YARA scanning engine
  ☆66Updated 2 years ago
• mmguero-dev / Malcolm-PCAP
  A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online.
  ☆30Updated last month
• n4r1b / ferrisetw
  Basically a KrabsETW rip-off written in Rust
  ☆64Updated last month
• vthib / boreal
  Safe and performant YARA rules evaluator
  ☆44Updated this week
• rustysec / fuzzyhash-rs
  Pure Rust fuzzy hash implementation
  ☆20Updated last year
• CybercentreCanada / sawp
  Security Aware Wire Protocol parsing library
  ☆34Updated 2 months ago
• omerbenamram / mft
  A parser for the MFT (Master File Table) format
  ☆124Updated last year
• redcanaryco / oxidebpf
  A Rust library for managing eBPF programs.
  ☆114Updated 6 months ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆35Updated last year
• rusticata / pcap-analyzer
  PAL (Pcap Analysis Library)
  ☆88Updated last week
• erichutchins / geoipsed
  Fast, inline geolocation decoration of IPv4 and IPv6 addresses written in Rust
  ☆25Updated 8 months ago
• SecSamDev / sysmon-arangodb
  Threat hunting with Sysmon and ArangoDB Graphs
  ☆11Updated 4 years ago
• DevoInc / sightingdb
  Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen
  ☆16Updated 5 months ago
• Devolutions / siquery-rs
  siquery, a Rust osquery implementation to query system information
  ☆54Updated last year
• hashlookup / private-search-set
  Private Search Set (PSS) is an extension to standard Bloom filter or a standalone hash file to describe and share private set.
  ☆14Updated 5 months ago
• ForensicRS / forensic-rs
  Forensic framework to build tools that can be reused in multiple projects without changing anything
  ☆19Updated 5 months ago
• microsoft / rust_win_etw
  Allows Rust code to log events to ETW
  ☆95Updated last month
• rapid7 / resynth
  A network packet synthesis language
  ☆10Updated last month
• rustysec / win-event-log-rs
  clean interface for the windows event log
  ☆23Updated 3 months ago
• signalscorps / file2stix
  ☆14Updated this week
• forensicmatt / libtsk-rs
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆11Updated last year
• blackstork-io / fabric
  An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as…
  ☆27Updated last week
• satta / suricata-json-schema
  Suricata JSON schema project
  ☆12Updated 4 years ago