claroty / arya
Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.
☆238Updated last year
Related projects: ⓘ
- ☆130Updated 7 months ago
- ☆183Updated 2 weeks ago
- Signatures and IoCs from public Volexity blog posts.☆307Updated last month
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆136Updated 10 months ago
- Threat Hunting tool about Sysmon and graphs☆328Updated last year
- Misc Threat Hunting Resources☆368Updated last year
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆135Updated 2 months ago
- ☆214Updated 4 months ago
- A python script developed to process Windows memory images based on triage type.☆259Updated 9 months ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆162Updated last year
- Detect and respond to Cobalt Strike beacons using ETW.☆478Updated 2 years ago
- Sigma rules from Joe Security☆199Updated last month
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆192Updated 2 years ago
- Ransomware simulator written in Golang☆401Updated 2 years ago
- ☆503Updated last month
- ☆220Updated 2 years ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆154Updated this week
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆305Updated last year
- This repo is a collection of Ransomware reports from vendors, researchers, etc.☆111Updated 2 years ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆495Updated 2 weeks ago
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆347Updated last year
- Public Repo for Atomic Test Harness☆244Updated 2 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs