herosi / triage-collectorLinks
☆23Updated 10 months ago
Alternatives and similar repositories for triage-collector
Users that are interested in triage-collector are comparing it to the libraries listed below
Sorting:
- ☆34Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- Imphash-like calculation on Golang binaries☆49Updated 3 years ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 3 years ago
- ☆33Updated 3 years ago
- Lazarus analysis tools and research report☆56Updated last year
- Quick ESXi Log Parser☆24Updated this week
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated 2 years ago
- ☆21Updated 5 months ago
- ETW forensic tool for Volatility3 plugin☆16Updated 9 months ago
- ☆15Updated 3 years ago
- Python based CLI for MalwareBazaar☆37Updated last month
- A collection of my yara rules☆34Updated 2 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Updated 2 years ago
- Python wrappers for mal_unpack☆36Updated last year
- Generates YARA rules to detect malware using API hashing☆17Updated 4 years ago
- Yara rules☆22Updated 2 years ago
- Documentation and parsers for different anti-virus quarantine formats.☆42Updated 4 years ago
- A set of tools for collecting forensic information☆26Updated 5 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- ESXi Cyber Security Incident Response Script☆25Updated 11 months ago
- ShellSweeping the evil.☆53Updated last year
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 3 years ago
- Yara Rules for Modern Malware☆79Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆97Updated 2 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆44Updated 4 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆46Updated 2 years ago
- Just Another broken Registry Parser (JARP)☆16Updated last year
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Updated 6 months ago