avast / ioc
Threat Intel IoCs + bits and pieces of dark matter
☆370Updated 3 weeks ago
Related projects: ⓘ
- Sophos-originated indicators-of-compromise from published reports☆534Updated last week
- ☆503Updated last month
- ☆521Updated 9 months ago
- Repository of YARA rules made by Trellix ATR Team☆560Updated 9 months ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆360Updated 2 years ago
- Automatically created C2 Feeds☆509Updated this week
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆697Updated last year
- IOC from articles, tweets for archives☆310Updated 9 months ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆568Updated 4 months ago
- Indicators from Unit 42 Public Reports☆696Updated last week
- ReversingLabs YARA Rules☆744Updated last week
- Collection of private Yara rules.☆317Updated last month
- Beta versions of my software☆245Updated 11 months ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆519Updated this week
- PCAP Samples for Different Post Exploitation Techniques☆339Updated 3 years ago
- ☆130Updated 7 months ago
- Code and yara rules to detect and analyze Cobalt Strike☆262Updated 3 years ago
- Detection in the form of Yara, Snort and ClamAV signatures.☆201Updated 2 weeks ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆490Updated 3 years ago
- Signatures and IoCs from public Volexity blog posts.☆307Updated last month
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆658Updated last month
- Clusters and elements to attach to MISP events or attributes (like threat actors)☆513Updated 2 weeks ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆238Updated last year
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆497Updated 2 weeks ago
- Volatility plugin for extracts configuration data of known malware☆481Updated 8 months ago
- ☆1,008Updated 9 months ago
- Encyclopedia for Executables☆409Updated 2 years ago
- Sigma rules from Joe Security☆199Updated last month
- Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-Cradle…☆287Updated 2 years ago
- Open Source EDR for Windows☆1,137Updated last year