Alternatives and similar repositories for 2019-winnti-analyse

Users that are interested in 2019-winnti-analyse are comparing it to the libraries listed below

• 3c7 / yaramanager
  Simple yara rule manager
  ☆66Updated 2 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 4 years ago
• W3ndige / aurora
  Malware similarity platform with modularity in mind.
  ☆78Updated 4 years ago
• sfakiana / FIRST-CTI-2019
  References for FIRST CTI 2019 Symposium presentation
  ☆23Updated 6 years ago
• CybercentreCanada / assemblyline-core
  Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)
  ☆21Updated last week
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆97Updated 2 years ago
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆60Updated last year
• hvs-consulting / ioc_signatures
  Repository with selected IOCs and YARA rules for threat hunting.
  ☆35Updated 5 months ago
• certsocietegenerale / fame_modules
  Community modules for FAME
  ☆65Updated last month
• schrodyn / steezy
  Steezy - Ghetto Yara Generation
  ☆15Updated 2 years ago
• Neo23x0 / xorex
  XOR Key Extractor
  ☆50Updated last year
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆110Updated 7 years ago
• caschnee / misp-use-cases
  ☆14Updated 7 years ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆36Updated 6 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆55Updated 4 years ago
• aarju / Kibana_ForensicDashboards
  Dashboards for conducting forensic investigation using windows events in Kibana
  ☆18Updated 6 years ago
• msuhanov / yarp
  Yet another registry parser
  ☆136Updated 3 years ago
• EmergingThreats / threatresearch
  Proofpoint - Emerging Threats - Threat Research tools + publicly shared intel and documentation
  ☆80Updated last month
• mnrkbys / vss_carver
  Carves and recreates VSS catalog and store from Windows disk image.
  ☆100Updated 2 years ago
• KPN-CISO / AttackMatrix
  AttackMatrix is a Python module and/or webpage to interact with and explore MITRE's ATT&CK's matrices.
  ☆17Updated 2 years ago
• enisaeu / Reference-Security-Incident-Taxonomy-Task-Force
  This repository hosts files relating to the TF-CSIRT Reference Security Incident Taxonomy Working Group.
  ☆70Updated 7 months ago
• CERT-Polska / karton-misp-pusher
  ☆16Updated last year
• infosec-intern / vscode-yara
  VSCode extension for the YARA pattern matching language
  ☆63Updated last year
• DissectMalware / base64_substring
  Generate a Yara rule to find base64-encoded files containg a specific keyword
  ☆40Updated 7 years ago
• MITRECND / malchive
  Various capabilities for static malware analysis.
  ☆79Updated last year
• aff4 / Standard
  AFF4 Standard Documents
  ☆29Updated 3 years ago
• ANSSI-FR / bits_parser
  Extract BITS jobs from QMGR queue and store them as CSV records
  ☆75Updated 8 months ago
• DFIR-ORC / dfir-orc-config
  Configurations for DFIR ORC
  ☆28Updated last year