fortinet / ips-bph-frameworkLinks
BLACKPHENIX is an open source malware analysis automation framework composed of services, scripts, plug-ins, and tools and is based on a Command-and-Control (C&C) architecture
☆31Updated 2 years ago
Alternatives and similar repositories for ips-bph-framework
Users that are interested in ips-bph-framework are comparing it to the libraries listed below
Sorting:
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- A Maltego transform for VirusTotal Submitter Information☆35Updated 6 years ago
- Community-based integrated malware identification system☆82Updated 2 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team.☆12Updated 6 years ago
- Script to parse Process Monitor XML log file, and give you a summary report.☆23Updated 9 years ago
- Handy scripts to speed up malware analysis☆35Updated last year
- Accompanying PowerShell Modules for DevSec Defense Presentation☆29Updated 7 years ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- Endpoint monitoring stack.☆18Updated 9 years ago
- Microsoft Flow Attack Framework☆23Updated 5 years ago
- Indicator of Compromise Scanner for CVE-2019-19781☆94Updated 5 years ago
- ☆23Updated 5 years ago
- ☆20Updated 4 years ago
- This is a python version of samesame repo to generate homograph strings☆23Updated 6 years ago
- IoC's, PCRE's, YARA's etc☆24Updated 3 months ago
- hassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hass…☆58Updated 9 months ago
- Yara rules to be used with the Burp Yara-Scanner extension☆48Updated 3 years ago
- Public rules and samples for various automations through LimaCharlie.io☆13Updated 3 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean.☆12Updated 4 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated last year
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 5 years ago
- Event Log Analysis Tools☆29Updated 8 years ago
- This is a repository for the public blog with Labs indicators of compromise and code☆18Updated 5 years ago
- A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).☆64Updated 6 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- Sysmon config for both Windows and Linux Devices. Windows one is a bit dated☆57Updated last year
- Rekall Forensics and Incident Response Framework with rVMI extensions☆33Updated 4 years ago
- This is a repository for the public blog with Labs indicators of compromise.☆10Updated 5 years ago