claroty / arya

Related projects: ⓘ

• pan-unit42 / tweets
  ☆130Updated 7 months ago
• mandiant / Vulnerability-Disclosures
  ☆183Updated 2 weeks ago
• volexity / threat-intel
  Signatures and IoCs from public Volexity blog posts.
  ☆307Updated last month
• StrangerealIntel / Orion
  A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...
  ☆136Updated 10 months ago
• lucky-luk3 / Grafiki
  Threat Hunting tool about Sysmon and graphs
  ☆328Updated last year
• sbousseaden / Slides
  Misc Threat Hunting Resources
  ☆368Updated last year
• swimlane / atomic-operator
  A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
  ☆135Updated 2 months ago
• jsecurity101 / TelemetrySource
  ☆214Updated 4 months ago
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆259Updated 9 months ago
• splunk / melting-cobalt
  A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
  ☆162Updated last year
• 3lp4tr0n / BeaconHunter
  Detect and respond to Cobalt Strike beacons using ETW.
  ☆478Updated 2 years ago
• joesecurity / sigma-rules
  Sigma rules from Joe Security
  ☆199Updated last month
• Cyb3r-Monk / RITA-J
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆192Updated 2 years ago
• NextronSystems / ransomware-simulator
  Ransomware simulator written in Golang
  ☆401Updated 2 years ago
• executemalware / Malware-IOCs
  ☆503Updated last month
• PayloadSecurity / Sandbox_Scryer
  ☆220Updated 2 years ago
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆154Updated this week
• jsecurity101 / MSRPC-to-ATTACK
  A repository that maps commonly used attacks using MSRPC protocols to ATT&CK
  ☆305Updated last year
• d4rk-d4nph3 / Ransomware-Reports
  This repo is a collection of Ransomware reports from vendors, researchers, etc.
  ☆111Updated 2 years ago
• mdecrevoisier / EVTX-to-MITRE-Attack
  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
  ☆495Updated 2 weeks ago
• fr0gger / IATelligence
  IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…
  ☆347Updated last year
• redcanaryco / AtomicTestHarnesses
  Public Repo for Atomic Test Harness
  ☆244Updated 2 months ago
• wagga40 / Zircolite
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆658Updated last month
• evild3ad / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆216Updated 6 months ago
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆186Updated last month
• christophetd / mindmaps
  Mindmaps for threat hunting - work in progress.
  ☆149Updated 2 years ago
• 3CORESec / MAL-CL
  MAL-CL (Malicious Command-Line)
  ☆308Updated last year
• Securonix / AutonomousThreatSweeper
  Threat Hunting queries for various attacks
  ☆198Updated this week
• naksyn / Pyramid
  a tool to help operate in EDRs' blind spots
  ☆639Updated 5 months ago
• hpthreatresearch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆143Updated 11 months ago