fortinet / ips-bph-framework
BLACKPHENIX is an open-source malware analysis automation framework composed of services, scripts, plug-ins, and tools, built on a Command-and-Control (C&C) architecture.
☆ 30 · updated last year
Related projects
Alternatives and complementary repositories for ips-bph-framework
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that bring forward the nuances… (☆ 64, updated last year)
- GUI tool to generate threat intelligence information in various formats (☆ 43, updated 6 years ago)
- Public rules and samples for various automations through LimaCharlie.io (☆ 11, updated 2 years ago)
- Microsoft Flow Attack Framework (☆ 23, updated 4 years ago)
- Collection of scripts and utilities for Windows event hunting (☆ 16, updated 4 years ago)
- VyOS-based isolation of networks (☆ 11, updated 4 years ago)
- Indicator of Compromise scanner for CVE-2019-19781 (☆ 92, updated 4 years ago)
- Simple tool to find the YARA matches on a file (☆ 1, updated 6 years ago)
- A Python version of the samesame repo to generate homograph strings (☆ 23, updated 6 years ago)
- A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns by leveraging Windows events and Sys… (☆ 12, updated 7 years ago)
- Working through Practical Malware Analysis from No Starch Press (☆ 13, updated 7 years ago)
- A PowerShell tool which provides an easy way to check for shared passwords between Windows Active Directory accounts (☆ 33, updated 5 years ago)
- Python script to automatically create Sigma rules from TheHive observables (☆ 23, updated 5 years ago)
- PowerShell / C#-based cross-platform forensic framework for live incident response (☆ 22, updated 4 years ago)
- Rekall is an endpoint security solution. (☆ 39, updated 6 years ago)
- Audit PowerShell and search for known keywords in history (#Blueteam) (☆ 25, updated 4 years ago)
- Accompanying PowerShell modules for the DevSec Defense presentation (☆ 28, updated 6 years ago)
- Cybersecurity incidents mind maps (☆ 32, updated 3 years ago)
- Rekall Forensics and Incident Response Framework with rVMI extensions (☆ 33, updated 3 years ago)
- Parsing MITRE EDR Evaluation results (☆ 12, updated 5 years ago)
- Useful Windows and AD tools (☆ 15, updated 2 years ago)
- Passive Network Audit Framework (☆ 32, updated 6 years ago)
- A simple tool to detect NBT-NS and LLMNR spoofing (and mess with the spoofers a bit) (☆ 35, updated 5 years ago)
- CertWatcher is a new take on monitoring for phishing sites. It is meant to be a set-and-forget service that will send you a daily report … (☆ 11, updated 4 years ago)
- Presentation materials for talks I've given. (☆ 20, updated 5 years ago)
- PowerShell script for hardening GE Digital CIMPLICITY servers (☆ 22, updated 3 years ago)