faisalusuf / ThreatIntelligenceView external linksLinks
Tracking APT IOCs
☆25Nov 16, 2020Updated 5 years ago
Alternatives and similar repositories for ThreatIntelligence
Users that are interested in ThreatIntelligence are comparing it to the libraries listed below
Sorting:
- Steezy - Ghetto Yara Generation☆15Mar 27, 2023Updated 2 years ago
- Scripts, Yara rules and other files developed during malware investigations☆27Aug 19, 2022Updated 3 years ago
- ☆22Dec 22, 2020Updated 5 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team.☆12Mar 27, 2019Updated 6 years ago
- ☆13Nov 10, 2020Updated 5 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Jun 11, 2020Updated 5 years ago
- Plugins for the Viper Framework☆14Sep 21, 2019Updated 6 years ago
- ☆14Jun 5, 2019Updated 6 years ago
- Vuls Beater for Elasticsearch - connecting vuls☆17Dec 15, 2020Updated 5 years ago
- a very simple rootkit for fun☆19Nov 6, 2018Updated 7 years ago
- Simple decrypter for strings used in SamSam Ransomware samples.☆18Feb 21, 2020Updated 5 years ago
- The Multiplatform Linux Sandbox☆16Dec 19, 2023Updated 2 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Mar 27, 2017Updated 8 years ago
- ☆21Jul 27, 2020Updated 5 years ago
- OLE Package Format Documentation☆22Jun 13, 2020Updated 5 years ago
- A collection of Covid-19 related threat intelligence and resources.☆19Jul 17, 2020Updated 5 years ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆86Jun 23, 2025Updated 7 months ago
- Scripts to aid analysis of files obfuscated with ScatterBee.☆24Jan 6, 2023Updated 3 years ago
- A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit.☆18Nov 11, 2021Updated 4 years ago
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch)☆19Jun 2, 2021Updated 4 years ago
- gopclntab finder and analyzer for Radare2☆21Aug 15, 2020Updated 5 years ago
- Build Automated Machine Images for MISP☆29Jun 9, 2023Updated 2 years ago
- Telsy CTI Research Team☆57Dec 15, 2020Updated 5 years ago
- Python script to automatically create sigma rules from The hive observables☆25Mar 17, 2019Updated 6 years ago
- Let's try to create a rootkit!☆19Mar 6, 2020Updated 5 years ago
- Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common …☆28Jul 30, 2024Updated last year
- Various Modules & Scripts for use with Viper Framework☆27Aug 20, 2019Updated 6 years ago
- ☆72Nov 17, 2016Updated 9 years ago
- Notes and IoCs of fresh malware☆61Jul 5, 2024Updated last year
- ssdeep cluster analysis for malware files☆31Jun 5, 2020Updated 5 years ago
- Ursnif beacon decryptor☆27Mar 20, 2023Updated 2 years ago
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).☆29Jun 14, 2022Updated 3 years ago
- 针对邮件协议POP3、SMTP、IMAP进行账户安全性测试☆26Mar 27, 2018Updated 7 years ago
- Various config files obtained during malware analysis☆67Oct 31, 2018Updated 7 years ago
- Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.☆30Jun 7, 2023Updated 2 years ago
- Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets☆33Jan 14, 2026Updated last month
- The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 mon…☆12Apr 27, 2023Updated 2 years ago
- ☆30Jul 18, 2025Updated 6 months ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Mar 15, 2022Updated 3 years ago