ganboing / malwarecookbook

Related projects ⓘ

Alternatives and complementary repositories for malwarecookbook

• NVISOsecurity / SEC599
  SEC599 supporting GitHub repository
  ☆15Updated 5 years ago
• YahooArchive / PyIOCe
  Python IOC Editor
  ☆61Updated 9 years ago
• advanced-threat-research / IOCs
  Repository containing IOCs, CSV and MISP JSON from our blogs
  ☆79Updated 3 years ago
• aboutsecurity / Talks-and-Presentations
  Slides and Other Resources from my latest Talks and Presentations
  ☆24Updated 3 years ago
• nheijmans / malzoo
  Mass static malware analysis tool
  ☆91Updated 2 years ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆104Updated 6 years ago
• SCILabsMX / yaraZeekAlert
  This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…
  ☆60Updated 11 months ago
• ashwin-patil / threat-hunting-with-notebooks
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆58Updated last year
• swisscom / PowerGRR
  PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.
  ☆56Updated 2 years ago
• Jrotenberger / Powershell-IR-Scripts
  ☆39Updated 5 years ago
• PoorBillionaire / Windows-Prefetch-Parser
  Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files
  ☆115Updated 5 months ago
• bartblaze / MaTiRe
  Malware Analysis, Threat Intelligence and Reverse Engineering: LABS
  ☆81Updated 3 years ago
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆95Updated last year
• MHaggis / CBR-Queries
  Collection of useful, up to date, Carbon Black Response Queries
  ☆83Updated 4 years ago
• nerdiosity / DNSplice
  To parse ugly Microsoft DNS Logs....
  ☆40Updated 6 years ago
• daverstephens / The-SOC-Shop
  Repository of scripts/tools that may be useful in Security Operations Centres (SOC)
  ☆54Updated 4 years ago
• marcurdy / dfir-toolset
  Dump of organized knowledge on DFIR
  ☆132Updated 3 years ago
• certsocietegenerale / fame_modules
  Community modules for FAME
  ☆64Updated this week
• PaloAltoNetworks / ioc-parser
  Tool to extract indicators of compromise from security reports in PDF format
  ☆72Updated 5 months ago
• Cyb3rPandaH / Tableau-ATTCK
  Understanding ATT&CK Matrix for Enterprise
  ☆79Updated 6 years ago
• MinervaLabsResearch / Mystique
  Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…
  ☆80Updated 7 years ago
• teamdfir / concordance
  Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.
  ☆65Updated 4 years ago
• csababarta / volatility_plugins
  Volatility plugins created by the author
  ☆44Updated 9 years ago
• mosse-security / threat-hunting-samples
  Three datasets to practice Threat Hunting against.
  ☆41Updated 10 months ago
• Jrotenberger / CBIRAutomation
  CB API scripts for IR, administration, etc.
  ☆32Updated 5 years ago
• chaoticmachinery / frac_rift
  FRAC and RIFT
  ☆17Updated 5 years ago
• hxnoyd / ossem-power-up
  A tool to assess data quality, built on top of the awesome OSSEM.
  ☆76Updated 2 years ago
• sans-blue-team / sec555-wiki
  ☆77Updated 5 years ago
• S03D4-164 / Hiryu
  IOC Management and Visualization Tool
  ☆47Updated last year
• fugawi / mate
  Mitre Att&ck Technique Emulation
  ☆82Updated 5 years ago