ganboing / malwarecookbook
Automatically exported from code.google.com/p/malwarecookbook
☆40Updated 9 years ago
Alternatives and similar repositories for malwarecookbook:
Users that are interested in malwarecookbook are comparing it to the libraries listed below
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- Volatility plugins created by the author☆44Updated 9 years ago
- Dump of organized knowledge on DFIR☆134Updated 3 years ago
- Python IOC Editor☆62Updated 10 years ago
- FRAC and RIFT☆17Updated 6 years ago
- SEC599 supporting GitHub repository☆16Updated 5 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆115Updated 10 months ago
- Collection of useful, up to date, Carbon Black Response Queries☆83Updated 4 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…☆82Updated 7 years ago
- Three datasets to practice Threat Hunting against.☆43Updated last year
- ☆39Updated 5 years ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆63Updated 2 years ago
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆54Updated 4 years ago
- Extract common Windows artifacts from source images and VSCs☆65Updated 3 years ago
- PE Import Hash Generator☆76Updated 7 years ago
- CB API scripts for IR, administration, etc.☆32Updated 5 years ago
- Hunt malware with Volatility☆47Updated 10 months ago
- Extract BITS jobs from QMGR queue and store them as CSV records☆75Updated last month
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 3 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆80Updated 3 years ago
- Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.☆66Updated 4 years ago
- A Splunk app with saved reports derived from Sigma rules☆73Updated 6 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆71Updated 9 months ago
- Random hunting ordiented yara rules☆95Updated 2 years ago
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆37Updated 2 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- A collection of infosec related scripts and information.☆53Updated 6 months ago
- Mitre Att&ck Technique Emulation☆82Updated 6 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- Page File analysis tools.☆126Updated 9 years ago