dfrws / dfrws2018-challenge
The DFRWS 2018 challenge (extended into 2019) is the second in a series of challenges dealing with Internet of Things (IoT). IoT is defined generally to include network and Internet connected devices usually for the purpose of monitoring and automation tasks. Consumer-grade “Smart” devices are increasing in popularity and scope. These devices an…
☆57Updated 3 years ago
Related projects: ⓘ
- Personal compilation of APT malware from whitepaper releases, documents and own research☆253Updated 5 years ago
- General repository for compiled and uncompiled EnCase EnScripts☆46Updated 3 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆106Updated 4 years ago
- A collection of infosec related scripts and information.☆53Updated last week
- Cuckoo running in a nested hypervisor☆128Updated 4 years ago
- Page File analysis tools.☆124Updated 8 years ago
- An advanced memory forensics framework☆92Updated 4 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆59Updated 9 months ago
- Miscellaneous Malware RE☆195Updated 2 years ago
- repository of tools & resources of the MMD team☆131Updated 2 years ago
- Various capabilities for static malware analysis.☆75Updated 2 weeks ago
- Tools to interact with APTnotes reporting/index.☆94Updated 3 years ago
- Autoruns plugin for the Volatility framework☆118Updated 5 years ago
- snake - a malware storage zoo☆217Updated last year
- Detecting Lateral Movement with Machine Learning☆137Updated 6 years ago
- Malware Analysis, Threat Intelligence and Reverse Engineering: LABS☆80Updated 3 years ago
- Scripts to analyze stuff☆141Updated last week
- ☆140Updated this week
- MAEC Schemas and Schema Development☆83Updated 4 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆180Updated 4 years ago
- Differential Analysis of Malware in Memory☆209Updated 7 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆128Updated last year
- Deception based detection techniques mapped to the MITRE’s ATT&CK framework☆280Updated 6 years ago
- ☆237Updated this week
- Lazy Office Analyzer☆118Updated 7 years ago
- Valhalla API Client☆62Updated last year
- Understanding ATT&CK Matrix for Enterprise☆79Updated 6 years ago
- Collecting & Hunting for IOCs with gusto and style☆235Updated 3 years ago
- Malware Analyst's Cookbook stuffs☆150Updated 8 years ago
- Set of Yara rules for finding files using magics headers☆134Updated 4 years ago