hjunker / ProcessBouncerLinks
ProcessBouncer is a simple but effective tool for blocking malware with a process-based approach. With a little fine-tuning this allows to effectively block most of current ransomware that is out there.
☆24Updated 4 years ago
Alternatives and similar repositories for ProcessBouncer
Users that are interested in ProcessBouncer are comparing it to the libraries listed below
Sorting:
- Pure Honeypots with an automated bash script☆20Updated 3 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…☆31Updated 8 years ago
- Windows application aiming to preserve cryptographic information used by ransomware operations. If you suspect a ransomware is running on…☆29Updated 8 years ago
- The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent☆12Updated 8 years ago
- A collection of tools adversaries commonly use in an attack.☆14Updated 7 months ago
- ☆12Updated 4 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- Automated Payload Test Controller☆10Updated 8 years ago
- A Darktrace CLI written in Python☆16Updated 5 years ago
- Compiles a json dataset using public sources that contains properties to aid in the detection and mitigation of over 1000 variants of ran…☆73Updated 2 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- CIRCL system forensic tools or a jumble of tools to support forensic☆42Updated 2 years ago
- Ransomware Decryptors☆36Updated 3 years ago
- A Passive DNS backend and collector☆31Updated 3 years ago
- Check IOC provided by a MISP instance on Suricata events☆17Updated 6 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆56Updated 7 years ago
- Generic Signature Format for SIEM Systems☆14Updated 3 years ago
- Curated list of enterprise ransomware defense resources☆14Updated 3 years ago
- F-Secure Lightweight Acqusition for Incident Response (FLAIR)☆16Updated 4 years ago
- FastIR Agent is a Windows service to execute FastIR Collector on demand☆14Updated 8 years ago
- Repository of Information sharing on threats and indicators☆12Updated 5 years ago
- PowerShell wrapper for nmap, allows easy scanning of many hosts and subnets☆17Updated 7 years ago
- Comae Stardust Command Line (Powershell & Python)☆1Updated 2 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆42Updated 4 years ago
- This is a repository for the public blog with Labs indicators of compromise.☆10Updated 5 years ago
- This is a large list of ransomware decryptor from various link. Consist from various type of ransomware. Feel free to contribute.☆17Updated 8 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- Short little AV Test to check Detection Rates☆22Updated 4 years ago
- Useful Windows and AD tools☆15Updated 3 years ago