fox-it / cisco-ios-xe-implant-detection
Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)
☆37Updated 10 months ago
Related projects: ⓘ
- yara detection rules for hunting with the threathunting-keywords project☆75Updated last week
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆62Updated 2 years ago
- Lightweight Python-Based Malware Analysis Pipeline☆29Updated this week
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆48Updated last year
- HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.☆75Updated last year
- ShellSweeping the evil.☆49Updated 3 months ago
- Source code and examples for Antignis☆36Updated last year
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆93Updated 3 years ago
- MS Graph Commands and Tools for Blue Teamers☆47Updated 10 months ago
- MalStatWare automates malware analysis with Python. Extract key details like file size, type, hash, path, and digital signature. It analy…☆28Updated 4 months ago
- Yara Rules for Modern Malware☆68Updated 6 months ago
- information about ransomware groups (Ransomware Analysis Notes)☆36Updated 8 months ago
- Open IOC sharing platform☆52Updated 11 months ago
- ☆31Updated 5 months ago
- create a "simulated internet" cyber range environment☆11Updated 2 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆49Updated 4 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆108Updated 5 months ago
- CIS Benchmark testing of Windows SIEM configuration☆44Updated last year
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.☆48Updated 2 weeks ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…☆18Updated 2 years ago
- ☆34Updated 5 months ago
- ☆29Updated last year
- ☆21Updated 2 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆57Updated last year
- ☆78Updated last year
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆31Updated last month
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar…☆21Updated last week
- An extension of the sigma standard to include security metrics.☆14Updated last year
- ASR Configurator, Essentials and Atomic Testing☆32Updated 3 weeks ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated 11 months ago