dod-cyber-crime-center / DC3-MWCPLinks
DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.
☆333Updated 7 months ago
Alternatives and similar repositories for DC3-MWCP
Users that are interested in DC3-MWCP are comparing it to the libraries listed below
Sorting:
- YARA Rules I come across on the internet☆351Updated last year
- YARA malware query accelerator (web frontend)☆434Updated last week
- ☆152Updated 6 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆205Updated 4 years ago
- ☆278Updated 2 years ago
- Django web interface for managing Yara rules☆195Updated 7 years ago
- User guide of MISP☆275Updated 9 months ago
- ☆175Updated last year
- Tool to extract indicators of compromise from security reports in PDF format☆74Updated last year
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆199Updated 6 months ago
- Set of Yara rules for finding files using magics headers☆140Updated 5 years ago
- Automatic Yara Rule Generation☆335Updated 9 years ago
- Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…☆136Updated 3 years ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆385Updated 3 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆340Updated 3 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆96Updated last month
- Tool to extract indicators of compromise from security reports in PDF format☆439Updated 2 years ago
- c2 traffic☆190Updated 2 years ago
- ☆304Updated 5 years ago
- A framework for orchestrating forensic collection, processing and data export☆329Updated 3 weeks ago
- IOC from articles, tweets for archives☆317Updated last year
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆247Updated 4 years ago
- Yara rules for malware families seen as part of targeted threats project☆141Updated 8 years ago
- ☆128Updated 8 months ago
- File Scanning Framework☆293Updated 4 years ago
- Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant☆237Updated 2 years ago
- ☆132Updated 4 years ago
- Clusters and elements to attach to MISP events or attributes (like threat actors)☆583Updated last week
- ☆205Updated 2 years ago
- Parse YARA rules and operate over them more easily.☆192Updated 7 months ago