enpoint detection / live analysis & sandbox host / signatures quality test
☆44Apr 22, 2021Updated 4 years ago
Alternatives and similar repositories for irma
Users that are interested in irma are comparing it to the libraries listed below
Sorting:
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing☆24May 29, 2023Updated 2 years ago
- Join RHEL and Debian based systems to Active Directory☆11Apr 18, 2020Updated 5 years ago
- Volatility, on Docker 🐳☆41Nov 20, 2025Updated 4 months ago
- `ctxio` gives `io.copy` operations the ability to cancel with context and retrieve progress data.☆12Sep 17, 2021Updated 4 years ago
- ☆22Jun 2, 2023Updated 2 years ago
- ☆23Mar 17, 2024Updated 2 years ago
- gyp: A pure Go YARA parser☆107Mar 13, 2024Updated 2 years ago
- Converting data from services like Censys and Shodan to a common data model☆52Feb 22, 2026Updated 3 weeks ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆33Mar 9, 2022Updated 4 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Jun 11, 2017Updated 8 years ago
- ☆42Sep 16, 2022Updated 3 years ago
- Converts exported results of CAPA tool from .json format to another formats supporting by different tools.☆22Feb 15, 2022Updated 4 years ago
- Knowing which rule should trigger according to the redcannary test☆11Nov 23, 2024Updated last year
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Yara rules☆22Mar 27, 2023Updated 2 years ago
- ☆10Nov 3, 2021Updated 4 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Jan 18, 2023Updated 3 years ago
- Some YARA rules i will add from time to time☆67Mar 25, 2023Updated 2 years ago
- Binalyze logger is an easily customizable wrapper for logrus with log rotation☆28Sep 3, 2021Updated 4 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP☆35Sep 18, 2023Updated 2 years ago
- ☆24Sep 28, 2022Updated 3 years ago
- Summarize CTI reports with OpenAI☆18Mar 9, 2026Updated last week
- This repository regroups the Yara Rules for the Unprotect Project☆26Nov 19, 2020Updated 5 years ago
- simple YARA-based IOC scanner☆176Jan 9, 2026Updated 2 months ago
- ESF modular ingestion tool for development and research.☆38Dec 21, 2021Updated 4 years ago
- ☆16Mar 10, 2017Updated 9 years ago
- Alternative YARA scanning engine☆73Aug 23, 2022Updated 3 years ago
- ☆13Feb 25, 2021Updated 5 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆23Jan 31, 2024Updated 2 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆58Mar 2, 2025Updated last year
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆87Mar 11, 2026Updated last week
- An open-source computer forensics tool that can display summary as the result of Windows Event Log analysis based on the chosen function(…☆11Feb 2, 2023Updated 3 years ago
- Script to locate mac-addresses☆11Oct 21, 2020Updated 5 years ago
- Validate IOC from MISP ; Export results and iocs to SIEM and sensors using syslog and CEF format☆14Sep 13, 2016Updated 9 years ago
- eBPF-based EDR for Linux☆18Aug 25, 2024Updated last year
- ☆14May 14, 2018Updated 7 years ago
- Powershell module for VMWare vSphere forensics☆170Nov 8, 2024Updated last year
- Command-line tool to search for malware samples in various repositories☆13Mar 3, 2022Updated 4 years ago