☆28Jul 5, 2025Updated 8 months ago
Alternatives and similar repositories for urlhaus
Users that are interested in urlhaus are comparing it to the libraries listed below
Sorting:
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Apr 10, 2024Updated last year
- Windows Thingies... but in Rust☆23Nov 12, 2022Updated 3 years ago
- urlscan.io API wrapper for Ruby☆13Oct 16, 2023Updated 2 years ago
- A utility to force query DNS over DoH off of CloudFlare API when DNS block is in place☆10Aug 26, 2018Updated 7 years ago
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.☆10Jan 14, 2021Updated 5 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- onigiri - remote malware triage script☆24Nov 5, 2015Updated 10 years ago
- This is a basic example of how to search into Shodan using the ShodanAPI.☆16Jan 19, 2014Updated 12 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 8 months ago
- A collection of tools adversaries commonly use in an attack.☆14Nov 23, 2024Updated last year
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- ☆12Jun 6, 2025Updated 9 months ago
- Python scripts for Malware Bazaar☆157Jun 3, 2024Updated last year
- Ekoparty's BlueSpace Keynote November 2021. Shoutout to @plugxor Muchas Gracias!!!☆13Jun 5, 2023Updated 2 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- Python wrapper for urlscan.io's API☆105Oct 28, 2021Updated 4 years ago
- Generic Signature Format for SIEM Systems☆18Jul 25, 2023Updated 2 years ago
- Remotely collect linux live forensics artifacts.☆14Jul 8, 2022Updated 3 years ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- A Pythonic interface and command line tool for interacting with the InQuest Labs API.☆36Nov 18, 2025Updated 3 months ago
- dankAlerts is powered by Sysmon and Memes. Would you notice if a suspicious process was recorded in the event log?☆18Jun 24, 2020Updated 5 years ago
- Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way☆19Jun 6, 2022Updated 3 years ago
- A small tool to easily mount APFS image on macOS for forensics.☆16Jul 30, 2020Updated 5 years ago
- A bunch of scripts I use to work with urlscan.io☆35Oct 25, 2019Updated 6 years ago
- High-level Threat Intelligence playbooks☆20Mar 6, 2021Updated 5 years ago
- Presentation materials for talks I've given.☆20Oct 14, 2019Updated 6 years ago
- Another MISP module for Python☆18Feb 17, 2020Updated 6 years ago
- ☆23Oct 9, 2024Updated last year
- Cockroach is your primitive & immortal swiss army knife.☆48Dec 8, 2021Updated 4 years ago
- c2 traffic☆194Feb 6, 2023Updated 3 years ago
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch)☆19Jun 2, 2021Updated 4 years ago
- A generic security incident response playbook investigating and responding to potential compromises of Okta's internal systems, in the co…☆20Mar 24, 2022Updated 3 years ago
- Collection of scripts used to analyse malware or emails☆20Oct 6, 2020Updated 5 years ago
- Remotely Install the Carbon Black Sensor in Bulk, using PowerShell and PSEXEC, silently, on multiple machines.☆23Jul 17, 2020Updated 5 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- ☆20May 10, 2023Updated 2 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Python IOC Editor☆65Mar 10, 2015Updated 10 years ago
- PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.☆51Jan 25, 2018Updated 8 years ago