Analyze binaries collected in VMware Carbon Black EDR against Yara rules.
☆38Feb 23, 2026Updated 2 weeks ago
Alternatives and similar repositories for cb-yara-connector
Users that are interested in cb-yara-connector are comparing it to the libraries listed below
Sorting:
- Carbon Black Feeds☆73Apr 4, 2023Updated 2 years ago
- Carbon Black integration Python utility library☆12Oct 29, 2020Updated 5 years ago
- Carbon Black API - Python language bindings☆145Aug 22, 2024Updated last year
- Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.☆73Feb 20, 2026Updated 2 weeks ago
- Report Generation from the Carbon Black REST API☆15Mar 24, 2022Updated 3 years ago
- Connector for pulling and converting STIX information from TAXII Service Providers into CB Feeds.☆15Jul 1, 2022Updated 3 years ago
- Carbon Black API Resources☆93Jan 11, 2018Updated 8 years ago
- integrating bro into yara☆33Dec 9, 2014Updated 11 years ago
- Community Sharing Repository for Carbon Black and Bit9 Platforms☆27Apr 4, 2022Updated 3 years ago
- Lateral Movement and Data Access artifacts for Velociraptor☆17Dec 2, 2025Updated 3 months ago
- Bro Intel Feed Linter☆26Aug 30, 2019Updated 6 years ago
- ☆19Jan 31, 2025Updated last year
- Collection of useful, up to date, Carbon Black Response Queries☆85Oct 23, 2020Updated 5 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆26Dec 20, 2019Updated 6 years ago
- Modular command-line threat hunting tool & framework.☆17Jul 20, 2020Updated 5 years ago
- Scripts to automate standing up C2 infra with firewall settings inside of DigitalOcean.☆18Feb 5, 2021Updated 5 years ago
- Bro/Zeek integration with osquery☆93Nov 2, 2020Updated 5 years ago
- Automatically exported from code.google.com/p/softflowd☆15Jun 10, 2015Updated 10 years ago
- Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!☆18Nov 5, 2013Updated 12 years ago
- ☆18May 5, 2024Updated last year
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Jan 30, 2018Updated 8 years ago
- Bit9 Platform☆20Jun 23, 2017Updated 8 years ago
- ☆115Jan 31, 2024Updated 2 years ago
- A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit☆240Jul 22, 2021Updated 4 years ago
- Detection rules to look for Log4J usage and exploitation☆18Jun 21, 2025Updated 8 months ago
- Shell scripts to audit OS X security using CIS Benchmarks.☆18Aug 9, 2016Updated 9 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20May 25, 2022Updated 3 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Oct 14, 2020Updated 5 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- Hunting IOCs all day every day...☆88Sep 26, 2023Updated 2 years ago
- Carbonblack Live Response from the comfort of your own terminal☆20Jan 20, 2016Updated 10 years ago
- Use SQL to instantly query file, domain, URL and IP scanning results from VirusTotal.☆23Oct 13, 2025Updated 4 months ago
- CRITs - Collaborative Research Into Threats☆911Jul 29, 2019Updated 6 years ago
- Volatility Plugins☆22May 1, 2015Updated 10 years ago
- Attack Tool Timing and Reporting - Structured Attack Logging Format☆22Nov 4, 2022Updated 3 years ago
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆25Sep 26, 2023Updated 2 years ago
- Build Automated Machine Images for MISP☆29Jun 9, 2023Updated 2 years ago
- Materials used and mentioned during my talk at SANS Cloud Security Summit 2018 in San Diego☆23Feb 19, 2018Updated 8 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆27Jun 3, 2018Updated 7 years ago