bricerenaud / xdr_yara_rule_matchingView external linksLinks
custom Python script to perform Yara matching in Cortex XDR
☆14May 18, 2021Updated 4 years ago
Alternatives and similar repositories for xdr_yara_rule_matching
Users that are interested in xdr_yara_rule_matching are comparing it to the libraries listed below
Sorting:
- A few XDR Scripts☆22Mar 19, 2025Updated 10 months ago
- ☆12Jun 6, 2025Updated 8 months ago
- CLI tool to compute the TypeRefHash for .NET binaries.☆19Nov 10, 2021Updated 4 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 4 months ago
- Cortex EDR Ransomware protection Bypass☆26Feb 8, 2025Updated last year
- A python-based API client for Cortex XDR API.☆26Sep 22, 2025Updated 4 months ago
- Repository for Cortex XDR and Cortex XSIAM XQL queries and more!☆39Jun 7, 2024Updated last year
- A collection of my public YARA signatures for various malware families☆30Sep 20, 2024Updated last year
- Google Cloud Security Command Center to Azure Sentinel Connector☆19Jul 15, 2023Updated 2 years ago
- Configurations for DFIR ORC☆28Mar 28, 2024Updated last year
- Repository with selected IOCs and YARA rules for threat hunting.☆35May 21, 2025Updated 8 months ago
- Decrypt GlobalProtect configuration and cookie files.☆158Sep 10, 2024Updated last year
- Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)☆41Nov 7, 2023Updated 2 years ago
- ☆12Dec 14, 2016Updated 9 years ago
- macOS Endpoint Security Message Analysis Tool☆47Jan 31, 2022Updated 4 years ago
- Sigma Queries turned into KQL for Defender using pysigma☆12Jun 20, 2024Updated last year
- ☆11Apr 25, 2021Updated 4 years ago
- Minimal C port of UTF8-CPP☆12Jun 2, 2019Updated 6 years ago
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD☆10Nov 7, 2023Updated 2 years ago
- Powershell to read ETL file on an interval and convert it to an EVTX (so Windows Event Forwarding can 'subscribe')☆11May 16, 2017Updated 8 years ago
- A clone of FD (File & Directory tool) by T.Shirai☆16Jan 29, 2014Updated 12 years ago
- Primarily aimed at replicating files that cannot be directly copied due to being in use.☆11Apr 22, 2024Updated last year
- ☆102Dec 9, 2025Updated 2 months ago
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago
- A password list optimized for use on Android devices.☆11Jul 2, 2022Updated 3 years ago
- My attempts at making life with VMware that little bit easier.☆11Aug 7, 2023Updated 2 years ago
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis.☆10Sep 28, 2020Updated 5 years ago
- CoreFoundation Property List support for Go☆28Nov 7, 2017Updated 8 years ago
- An updated C# port of X-Ways X-Tensions API.☆11Mar 12, 2018Updated 7 years ago
- Backport of SliverStager to work with DotNetToJScript for vba☆16Aug 9, 2024Updated last year
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Writeups of some of PicoCTF 2017 challenges.☆10Aug 3, 2018Updated 7 years ago
- Mimikatz embedded as classes☆28Oct 25, 2021Updated 4 years ago
- MSVC C++ resource example☆11Jun 28, 2018Updated 7 years ago
- Simple python project using the COM (DDE) API under win32 to convert nsf documents databases to other formats, mainly targetting mbox & i…☆10Apr 15, 2017Updated 8 years ago
- multiduplicut : optimize wordlists-based password cracking methods chaining☆16Feb 25, 2022Updated 3 years ago
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- How to add direction and language metadata to strings☆14Oct 28, 2025Updated 3 months ago