ashemery / CuckooVMLinks
Cuckoo running in a nested hypervisor
☆128Updated 5 years ago
Alternatives and similar repositories for CuckooVM
Users that are interested in CuckooVM are comparing it to the libraries listed below
Sorting:
- Personal compilation of APT malware from whitepaper releases, documents and own research☆260Updated 6 years ago
- Mindmaps for threat hunting - work in progress.☆150Updated 3 years ago
- A repo to document API functions mapped to security events across diverse platforms☆75Updated 5 years ago
- Random hunting ordiented yara rules☆97Updated 2 years ago
- ☆98Updated 4 years ago
- Valhalla API Client☆70Updated 2 years ago
- Simulating Adversary Operations☆93Updated 7 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Updated last year
- Repository containing IOCs, CSV and MISP JSON from our blogs☆81Updated 3 years ago
- c2 traffic☆189Updated 2 years ago
- Static based decoders for malware samples☆93Updated 4 years ago
- Toolset for research malware and Cobalt Strike beacons☆211Updated 3 months ago
- ☆350Updated 4 years ago
- Lazy Office Analyzer☆122Updated 8 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆138Updated 4 years ago
- ☆116Updated last year
- ☆53Updated 6 years ago
- Miscellaneous Malware RE☆196Updated 3 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆87Updated 2 years ago
- An advanced memory forensics framework☆94Updated 5 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆137Updated 2 years ago
- Automated Tactics Techniques & Procedures☆255Updated 2 years ago
- ☆127Updated 4 months ago
- Repo containing docker-compose files and setup scripts without having to clone the individual reternal components☆109Updated 4 years ago
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch.☆117Updated 4 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated last year
- SEC599 supporting GitHub repository☆16Updated 5 years ago
- Various scripts for different malware families☆106Updated 4 years ago
- Cloud Templates and scripts to deploy mordor environments☆129Updated 4 years ago
- Research indicators and detection rules☆66Updated last year