fr0gger / IATelligenceLinks
IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related
☆368Updated 2 years ago
Alternatives and similar repositories for IATelligence
Users that are interested in IATelligence are comparing it to the libraries listed below
Sorting:
- ☆226Updated 3 years ago
- Jupyter Notebooks for the Blue Team☆146Updated 6 months ago
- Different learning materials☆228Updated last week
- ☆513Updated 11 months ago
- MAL-CL (Malicious Command-Line)☆317Updated 2 years ago
- ☆197Updated last year
- This repository contains indicators of compromise (IOCs) of our various investigations.☆291Updated last week
- A python script developed to process Windows memory images based on triage type.☆265Updated last year
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆331Updated 4 months ago
- Just some lists of Malware Configs☆172Updated 8 months ago
- ☆143Updated 2 months ago
- Signatures and IoCs from public Volexity blog posts.☆356Updated 2 weeks ago
- A ProcessMonitor visualization application written in rust.☆183Updated 2 years ago
- ☆204Updated 10 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆204Updated 3 years ago
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆196Updated last week
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆257Updated 2 years ago
- Rules generated from our investigations.☆201Updated 3 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆242Updated this week
- CLI tools for forensic investigation of Windows artifacts☆347Updated 2 months ago
- ☆161Updated 2 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆138Updated last year
- Some Threat Hunting queries useful for blue teamers☆128Updated 3 years ago
- Ransomware simulator written in Golang☆450Updated 3 years ago
- ☆212Updated 3 months ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆605Updated last month
- MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository☆120Updated 2 years ago
- Repository of attack and defensive information for Business Email Compromise investigations☆262Updated 4 months ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆248Updated 5 months ago