fox-it / cisco-ios-xe-implant-detection

Related projects: ⓘ

• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆75Updated last week
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• threatcat-ch / malware-analysis-pipeline
  Lightweight Python-Based Malware Analysis Pipeline
  ☆29Updated this week
• Retrospected / PurpleKeep
  Providing Azure pipelines to create an infrastructure and run Atomic tests.
  ☆48Updated last year
• adulau / HHHash
  HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.
  ☆75Updated last year
• MHaggis / ShellSweep
  ShellSweeping the evil.
  ☆49Updated 3 months ago
• huntandhackett / Antignis
  Source code and examples for Antignis
  ☆36Updated last year
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆93Updated 3 years ago
• xg5-simon / MS-Graph-BlueTeam
  MS Graph Commands and Tools for Blue Teamers
  ☆47Updated 10 months ago
• OSTEsayed / OSTE-MalStatWare
  MalStatWare automates malware analysis with Python. Extract key details like file size, type, hash, path, and digital signature. It analy…
  ☆28Updated 4 months ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆68Updated 6 months ago
• StrangerealIntel / Shadow-Pulse
  information about ransomware groups (Ransomware Analysis Notes)
  ☆36Updated 8 months ago
• abusech / ThreatFox
  Open IOC sharing platform
  ☆52Updated 11 months ago
• pr0xylife / Pikabot
  ☆31Updated 5 months ago
• chipmanfu / Cyber-Range
  create a "simulated internet" cyber range environment
  ☆11Updated 2 months ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆49Updated 4 months ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆108Updated 5 months ago
• SevenStones / auditpolCIS
  CIS Benchmark testing of Windows SIEM configuration
  ☆44Updated last year
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆48Updated 2 weeks ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• jasonsford / IPScraper
  This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…
  ☆18Updated 2 years ago
• eric-conrad / c2-talk
  ☆34Updated 5 months ago
• Atomics-on-A-Friday / Emulation-Tools
  ☆29Updated last year
• RiverGumSecurity / RegEx
  ☆21Updated 2 years ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆57Updated last year
• silverfort-open-source / latma
  ☆78Updated last year
• cyb3rmik3 / Hunting-Lists
  A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.
  ☆31Updated last month
• bobby-tablez / Enable-All-The-Logs
  This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar…
  ☆21Updated last week
• priamai / sigmatau
  An extension of the sigma standard to include security metrics.
  ☆14Updated last year
• MHaggis / ASRGEN
  ASR Configurator, Essentials and Atomic Testing
  ☆32Updated 3 weeks ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆43Updated 11 months ago