hjunker / ProcessBouncer
ProcessBouncer is a simple but effective tool for blocking malware with a process-based approach. With a little fine-tuning this allows to effectively block most of current ransomware that is out there.
☆23Updated 3 years ago
Related projects: ⓘ
- A Passive DNS backend and collector☆31Updated 2 years ago
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…☆27Updated 8 years ago
- The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent☆12Updated 7 years ago
- Repository for scripts and tips for "Yara Scan Service"☆20Updated last year
- ☆22Updated 3 years ago
- Easy way to create a MISP event related to a Phishing page☆17Updated last year
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- This module installs and configures MISP (Malware Information Sharing Platform)☆13Updated this week
- ☆12Updated 3 years ago
- FastIR Agent is a Windows service to execute FastIR Collector on demand☆14Updated 7 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Updated 6 years ago
- Triage automation for suspect URLs☆13Updated 5 years ago
- Pure Honeypots with an automated bash script☆19Updated 3 years ago
- ☆12Updated 6 years ago
- Check IOC provided by a MISP instance on Suricata events☆17Updated 5 years ago
- hassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hass…☆54Updated this week
- Collection Of Scripts And Utilities For Windows Event Hunting☆16Updated 4 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 4 years ago
- Repository of Information sharing on threats and indicators☆12Updated 4 years ago
- Batch scripts to capture volatile and log information from a target system☆19Updated 9 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆33Updated 5 years ago
- The Shodan monitoring tools allows you to monitor shodan listed servers basis on the filter you provided☆33Updated 3 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆32Updated 7 months ago
- emotet configs pulled from https://cape.contextis.com/☆15Updated 2 years ago
- Useful commands for infosec☆28Updated last year
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆30Updated 2 years ago
- ☆23Updated 4 years ago
- Useful Windows and AD tools☆15Updated 2 years ago
- Proof-of-concept for phishing intelligence in Elastic☆15Updated 5 years ago
- Short little AV Test to check Detection Rates☆22Updated 3 years ago