conexioninversa / WOPR
Globally distributed honeypots and HoneyNets IOCs and file reversing
☆16Updated 4 months ago
Related projects: ⓘ
- Links to malware-related YARA rules☆14Updated last year
- Tweettioc Splunk App☆20Updated 4 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆32Updated 2 years ago
- ☆37Updated this week
- Windows GUI/Execution Engine for Atomic Red Team Atomics☆33Updated 4 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- Queries for Carbon Black Response☆11Updated 4 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆34Updated 2 years ago
- ☆40Updated 5 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆74Updated 2 years ago
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Updated 3 years ago
- Automated detection rule analysis utility☆29Updated last year
- Standardized Malware Analysis Tool☆51Updated 3 years ago
- A repository of Sysmon For Linux configuration modules☆14Updated 2 years ago
- DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781☆45Updated 4 years ago
- THOR MITRE ATT&CK Framework Coverage☆24Updated 4 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 4 years ago
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream☆11Updated 3 years ago
- C# User Simulation☆33Updated last year
- ☆42Updated last year
- Tracking APT IOCs☆24Updated 3 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- Carbon Black Response IR tool☆53Updated 3 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated 10 months ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆32Updated 7 months ago
- Presentation materials for talks I've given.☆20Updated 4 years ago
- Can you pay the ransom in your country?☆13Updated 9 months ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆30Updated 2 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 4 years ago