TedDriggs / cti
Cyber threat intelligence crates for Rust
☆13, updated 7 months ago
Related projects:
- Framework definitions that allow building a custom SIEM. ☆24, updated 5 months ago
- A cross-platform forensic parser written in Rust! ☆61, updated this week
- A document tagging library ☆29, updated last year
- File Capability Extractor ☆11, updated 2 months ago
- Rust bindings for VirusTotal/Yara ☆74, updated 3 months ago
- MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery ☆28, updated this week
- Rust implementation of the DCSO Bloom filter ☆26, updated last month
- Alternative YARA scanning engine ☆66, updated 2 years ago
- A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online. ☆30, updated last month
- Basically a KrabsETW rip-off written in Rust ☆64, updated last month
- Safe and performant YARA rules evaluator ☆44, updated this week
- Pure Rust fuzzy hash implementation ☆20, updated last year
- Security-aware wire protocol parsing library ☆34, updated 2 months ago
- A parser for the MFT (Master File Table) format ☆124, updated last year
- A Rust library for managing eBPF programs. ☆114, updated 6 months ago
- Create a dataset for Suricata from the indicators of MISP instances, and add sightings in MISP if an indicator in the dataset generates an alert ☆35, updated last year
- PAL (Pcap Analysis Library) ☆88, updated last week
- Fast, inline geolocation decoration of IPv4 and IPv6 addresses, written in Rust ☆25, updated 8 months ago
- Threat hunting with Sysmon and ArangoDB graphs ☆11, updated 4 years ago
- Sighting DB is designed to scale writing and reading a count of attributes, tracking when each was first and last seen ☆16, updated 5 months ago
- siquery, a Rust osquery implementation to query system information ☆54, updated last year
- Private Search Set (PSS) is an extension to a standard Bloom filter, or a standalone hash file, used to describe and share a private set. ☆14, updated 5 months ago
- Forensic framework to build tools that can be reused in multiple projects without changing anything ☆19, updated 5 months ago
- Allows Rust code to log events to ETW ☆95, updated last month
- A network packet synthesis language ☆10, updated last month
- Clean interface for the Windows event log ☆23, updated 3 months ago
- ☆14, updated this week
- Wrapper for TSK (The Sleuth Kit) bindings ☆11, updated last year
- An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as… ☆27, updated last week
- Suricata JSON schema project ☆12, updated 4 years ago