fortinet / ips-bph-frameworkLinks
BLACKPHENIX is an open source malware analysis automation framework composed of services, scripts, plug-ins, and tools and is based on a Command-and-Control (C&C) architecture
☆31Updated 2 years ago
Alternatives and similar repositories for ips-bph-framework
Users that are interested in ips-bph-framework are comparing it to the libraries listed below
Sorting:
- Community-based integrated malware identification system☆82Updated 2 years ago
- Presentation materials for talks I've given.☆20Updated 6 years ago
- hassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hass…☆60Updated last year
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 5 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- Endpoint monitoring stack.☆19Updated 9 years ago
- Script to parse Process Monitor XML log file, and give you a summary report.☆23Updated 9 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 6 years ago
- The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean.☆12Updated 4 years ago
- Public rules and samples for various automations through LimaCharlie.io☆13Updated 3 years ago
- Parses Java Cache IDX files☆39Updated 7 years ago
- A Maltego transform for VirusTotal Submitter Information☆35Updated 6 years ago
- Volatility memory forensics plugin for extracting Windows DNS Cache☆29Updated 8 years ago
- Rekall Forensics and Incident Response Framework with rVMI extensions☆32Updated 4 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- Passive Network Audit Framework☆32Updated 7 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated 2 years ago
- Sysmon config for both Windows and Linux Devices. Windows one is a bit dated☆56Updated last year
- IoC's, PCRE's, YARA's etc☆24Updated 6 months ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 5 years ago
- A curated list of tools for incident response☆31Updated last year
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…☆32Updated 9 years ago
- Yara rules to be used with the Burp Yara-Scanner extension☆49Updated 3 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 7 years ago
- ☆12Updated 7 years ago
- JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox☆45Updated 6 years ago
- A series of Bro Scripts created for detection purposes.☆19Updated 8 years ago
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans☆40Updated 6 years ago
- Sniffles: Packet Capture Generator for IDS and Regular Expression Evaluation☆63Updated 4 years ago
- Security tools, scanners, exploit code☆31Updated 8 years ago