dod-cyber-crime-center / DC3-MWCPLinks
DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.
☆331Updated 6 months ago
Alternatives and similar repositories for DC3-MWCP
Users that are interested in DC3-MWCP are comparing it to the libraries listed below
Sorting:
- YARA malware query accelerator (web frontend)☆435Updated 5 months ago
- YARA Rules I come across on the internet☆349Updated last year
- Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…☆136Updated 3 years ago
- Set of Yara rules for finding files using magics headers☆139Updated 4 years ago
- ☆152Updated 6 years ago
- ☆278Updated 2 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆340Updated 3 years ago
- ☆303Updated 5 years ago
- User guide of MISP☆272Updated 7 months ago
- ☆175Updated last year
- "Evolving AppCompat/AmCache data analysis beyond grep"☆205Updated 3 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆196Updated 5 months ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆379Updated 3 years ago
- Django web interface for managing Yara rules☆193Updated 7 years ago
- A framework for orchestrating forensic collection, processing and data export☆326Updated this week
- File Scanning Framework☆294Updated 3 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆96Updated last week
- Yara rules for malware families seen as part of targeted threats project☆139Updated 8 years ago
- 16,432 Free Yara rules created by☆385Updated 6 years ago
- Automatic Yara Rule Generation☆334Updated 9 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆72Updated last year
- Data from a BRAWL Automated Adversary Emulation Exercise☆210Updated 4 years ago
- c2 traffic☆189Updated 2 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆437Updated 2 years ago
- IOC from articles, tweets for archives☆315Updated last year
- Repository containing IOCs, CSV and MISP JSON from our blogs☆81Updated 4 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆246Updated 4 years ago
- Clusters and elements to attach to MISP events or attributes (like threat actors)☆579Updated last week
- ☆132Updated 4 years ago
- Security ML models encoded as Yara rules☆213Updated 2 years ago