fulmetalpackets / protohacking

Related projects: ⓘ

• ps-interactive / labs_modern_malware_c2
  labs_modern_malware_c2 Originally supporting Defcon workshop, will morph into Attack Defend for C2.
  ☆18Updated 2 years ago
• ezaspy / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆29Updated 2 months ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆68Updated 6 months ago
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆61Updated 7 months ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆49Updated 4 months ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• Neo23x0 / ThreatResearch-Reporting-Guide
  Offensive Research Guide to Help Defense Improve Detection
  ☆29Updated last year
• d4rk-d4nph3 / Ransim
  Ransomware Simulator for testing Blue Team Detections
  ☆34Updated 2 years ago
• AndrewRathbun / Anti-Forensics-VHDX
  A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…
  ☆25Updated last year
• 100DaysofYARA / 2022
  ☆22Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆86Updated last year
• slaughterjames / excelpeek
  ☆37Updated 2 years ago
• hpthreatresearch / tools
  Scripts and tools accompanying HP Threat Research blog posts and reports.
  ☆48Updated 5 months ago
• cyberbuff / TheAtomicPlaybook
  The Atomic Playbook contains TTPs from the MITRE ATT&CK framework mapped to the tests in the Atomic Red Team. It serves as a single resou…
  ☆28Updated 8 months ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆49Updated 2 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• ssnkhan / adversarial-threat-modelling
  Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"
  ☆50Updated 2 years ago
• mlgualtieri / PurpleTeamSummit
  ☆25Updated 3 years ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆41Updated 4 months ago
• Squiblydoo / certReport
  A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.
  ☆22Updated 3 weeks ago
• stvemillertime / RonnieColemanYARAParser
  An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
  ☆21Updated last year
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 3 years ago
• vc0RExor / Quick-Analysis
  Quick analysis focusing on most important of a Malware or a Threat
  ☆39Updated last year
• NVISOsecurity / nviso-cti
  ☆40Updated 5 months ago
• stvemillertime / Cerebro
  Scripts and lists to help generate YARA friendly string mutations
  ☆19Updated last year
• iThreatopedia / iThreatopedia.github.io
  A happy place for detection engineers, purple teamers and threat hunters focusing on macOS.
  ☆20Updated 2 years ago
• Retrospected / PurpleKeep
  Providing Azure pipelines to create an infrastructure and run Atomic tests.
  ☆48Updated last year
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆51Updated last year
• MHaggis / ShellSweep
  ShellSweeping the evil.
  ☆49Updated 3 months ago
• Squiblydoo / MalAPIReader
  Reads and prints information from the website MalAPI.io
  ☆19Updated 2 years ago