hjunker / ProcessBouncer
ProcessBouncer is a simple but effective tool for blocking malware with a process-based approach. With a little fine-tuning this allows to effectively block most of current ransomware that is out there.
☆24Updated 3 years ago
Alternatives and similar repositories for ProcessBouncer:
Users that are interested in ProcessBouncer are comparing it to the libraries listed below
- Pure Honeypots with an automated bash script☆20Updated 3 years ago
- A Passive DNS backend and collector☆31Updated 2 years ago
- A Darktrace CLI written in Python☆15Updated 5 years ago
- ☆12Updated 3 years ago
- Check IOC provided by a MISP instance on Suricata events☆17Updated 5 years ago
- Exchange your privileges for Domain Admin privs by abusing Exchange☆16Updated 5 years ago
- This repo exists as a quick and dirty arsenal of methods and scripts to subvert .NET SSL/TLS certificate validation in PowerShell and pre…☆11Updated 8 years ago
- Easy way to create a MISP event related to a Phishing page☆17Updated last year
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent☆12Updated 7 years ago
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…☆28Updated 8 years ago
- A single repository for any security tools, scripts, documentation, etc. that I add☆12Updated 7 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Updated 7 years ago
- A collection of tools adversaries commonly use in an attack.☆14Updated 4 months ago
- Repository for scripts and tips for "Yara Scan Service"☆20Updated 2 years ago
- My personal Automated Malware Analysis Sandboxes and Services☆24Updated 8 years ago
- Windows application aiming to preserve cryptographic information used by ransomware operations. If you suspect a ransomware is running on…☆26Updated 7 years ago
- This is a repository for the public blog with Labs indicators of compromise.☆10Updated 5 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year
- The Purpose of this research tool is to provide a Python client into RiskIQ API services.☆22Updated 4 years ago
- Threat Intel and Incident Reponse☆10Updated 6 years ago
- Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.☆24Updated 8 years ago
- This module installs and configures MISP (Malware Information Sharing Platform)☆13Updated last week
- HoneyDB Python Module☆13Updated last year
- ☆22Updated 4 years ago
- Repository of Information sharing on threats and indicators☆12Updated 5 years ago
- Ransomware Decryptors☆34Updated 2 years ago
- Short little AV Test to check Detection Rates☆22Updated 4 years ago
- This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes☆21Updated 4 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago