fr0gger / IATelligence
IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related
☆347Updated last year
Related projects: ⓘ
- ☆503Updated last month
- A repository of DFIR-related Mind Maps geared towards the visual learners!☆508Updated 2 years ago
- Jupyter Notebooks for the Blue Team☆139Updated last year
- Signatures and IoCs from public Volexity blog posts.☆307Updated last month
- MAL-CL (Malicious Command-Line)☆308Updated last year
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆544Updated 11 months ago
- ☆185Updated last year
- A centralized and enhanced memory analysis platform☆355Updated last week
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆266Updated 3 weeks ago
- ☆194Updated 7 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆192Updated 2 years ago
- A python script developed to process Windows memory images based on triage type.☆259Updated 9 months ago
- CLI tools for forensic investigation of Windows artifacts☆296Updated last month
- Awesome list of keywords and artifacts for Threat Hunting sessions☆436Updated 2 weeks ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆497Updated 2 weeks ago
- ☆220Updated 2 years ago
- Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.☆636Updated last year
- Rules generated from our investigations.☆186Updated last month
- a tool to help operate in EDRs' blind spots☆639Updated 5 months ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆578Updated 3 months ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆238Updated last year
- Ransomware simulator written in Golang☆401Updated 2 years ago
- Threat Hunting tool about Sysmon and graphs☆328Updated last year
- Some Threat Hunting queries useful for blue teamers☆120Updated 2 years ago
- This repository contains indicators of compromise (IOCs) of our various investigations.☆205Updated 4 months ago
- Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques☆300Updated 3 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆658Updated last month
- The Volatility Collaborative GUI☆217Updated last week
- Resources To Learn And Understand SIGMA Rules☆163Updated last year