evilsocket / sauron
A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.
☆221 Updated 2 years ago
Alternatives and similar repositories for sauron:
Users that are interested in sauron are comparing it to the libraries listed below
- A fast and secure multi protocol honeypot. ☆314 Updated 2 years ago
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio… ☆140 Updated 3 weeks ago
- Signature based honeypot detector tool written in Golang ☆89 Updated this week
- Artifact collection tool for *nix systems ☆202 Updated 11 months ago
- WhiteBeam: Transparent endpoint security ☆100 Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆147 Updated last year
- Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...). ☆39 Updated 2 years ago
- firedrill is a malware simulation harness for evaluating your security controls ☆148 Updated last year
- Repository and archive for Killing The Bear Gitbook ☆84 Updated last year
- A tool designed to hunt for Phishing Kit source code ☆220 Updated last year
- Canary Detection ☆164 Updated 11 months ago
- Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results ☆258 Updated this week
- C2 Active Scanner ☆52 Updated 8 months ago
- NIST-based CVE lookup store and API powered by Rust. ☆129 Updated last month
- A Python package used to execute Atomic Red Team tests (Atomics) across multiple operating system environments. ☆137 Updated 7 months ago
- LOKI2 - Simple IOC and YARA Scanner ☆86 Updated 7 months ago
- How to set up a honeypot with an IDS, ELK and TLS traffic inspection ☆157 Updated 2 years ago
- Boomerang is a tool to expose multiple internal servers to web/cloud. Agent & Server are pretty stable and can be used in Red Team for Mu… ☆220 Updated 4 years ago
- Ransomware leak site monitoring ☆311 Updated 3 years ago
- Tool to analyze and detect MITM phishing toolkits on the web. ☆81 Updated 3 years ago
- PCAP visualization tool ☆103 Updated last year
- Crawlector is a threat hunting framework designed for scanning websites for malicious objects. ☆126 Updated last year
- Let's be scanned. A low-interaction honeypot focused on network scanners and bots. It integrates very well with IVRE to build a self-host… ☆118 Updated this week
- macOS forensic timeline generator using the analysis result DBs of mac_apt ☆92 Updated last year
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts. ☆111 Updated last year
- My very personal and opinionatedly organized infosec/cybersec sources in one OPML file ☆56 Updated 2 years ago
- Cyber Underground General Intelligence Requirements ☆90 Updated last year
- Statistical learning algorithm for building a model on the command lines of "Process Creation" events, … ☆82 Updated last year
- Rip Raw is a small tool to analyse the memory of compromised Linux systems. ☆130 Updated 3 years ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory. ☆66 Updated last year