ashemery / CuckooVM
Cuckoo running in a nested hypervisor
☆128Updated 4 years ago
Alternatives and similar repositories for CuckooVM:
Users that are interested in CuckooVM are comparing it to the libraries listed below
- Personal compilation of APT malware from whitepaper releases, documents and own research☆259Updated 6 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- An advanced memory forensics framework☆94Updated 5 years ago
- c2 traffic☆189Updated 2 years ago
- Simulating Adversary Operations☆93Updated 6 years ago
- A repo to document API functions mapped to security events across diverse platforms☆75Updated 5 years ago
- ☆98Updated 4 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆132Updated 2 years ago
- Random hunting ordiented yara rules☆95Updated last year
- Static based decoders for malware samples☆92Updated 4 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆80Updated 3 years ago
- Set of Yara rules for finding files using magics headers☆136Updated 4 years ago
- Mindmaps for threat hunting - work in progress.☆150Updated 3 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago
- ☆349Updated 4 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…☆71Updated 3 years ago
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch.☆115Updated 4 years ago
- Collecting & Hunting for IOCs with gusto and style☆237Updated 3 years ago
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆58Updated 5 years ago
- Various capabilities for static malware analysis.☆77Updated 6 months ago
- Valhalla API Client☆68Updated 2 years ago
- A tool for de-obfuscating PowerShell scripts☆67Updated 5 years ago
- ATT&CK Evaluations website (DEPRECATED)☆59Updated 3 years ago
- Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…☆136Updated 3 years ago
- Toolset for research malware and Cobalt Strike beacons☆208Updated last week
- Proofpoint - Emerging Threats - Threat Research tools + publicly shared intel and documentation☆72Updated 3 months ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆137Updated 4 years ago
- SEC599 supporting GitHub repository☆16Updated 5 years ago
- Cloud Templates and scripts to deploy mordor environments☆129Updated 4 years ago
- ☆116Updated last year