Scripts and tools accompanying HP Threat Research blog posts and reports.
☆50, Apr 10, 2024, updated last year
Alternatives and similar repositories for tools
Users that are interested in tools are comparing it to the libraries listed below
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports. (☆29, Apr 10, 2024, updated last year)
- (no description) (☆28, Jul 5, 2025, updated 7 months ago)
- Collection of scripts used to analyse malware or emails. (☆20, Oct 6, 2020, updated 5 years ago)
- (no description) (☆11, Mar 12, 2021, updated 4 years ago)
- TA505 unpacker, Python 2.7. (☆46, Jun 22, 2020, updated 5 years ago)
- carcass is a Python package to generate Python package scaffolding based on best practices. (☆17, Jan 10, 2022, updated 4 years ago)
- Get intelligence info (tags, MITRE techniques, YARA and more) and find similar malware in a fast and easy way. (☆19, Jun 6, 2022, updated 3 years ago)
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. (☆37, Jul 11, 2023, updated 2 years ago)
- (no description) (☆35, Oct 29, 2021, updated 4 years ago)
- High-level Threat Intelligence playbooks. (☆20, Mar 6, 2021, updated 4 years ago)
- (no description) (☆21, May 8, 2022, updated 3 years ago)
- Standardized Malware Analysis Tool. (☆56, Mar 9, 2021, updated 4 years ago)
- Threat Box Assessment Tool. (☆19, Aug 15, 2021, updated 4 years ago)
- IOCs from articles and tweets, for archives. (☆318, Dec 12, 2023, updated 2 years ago)
- Incident Response Methodologies (IRM), also called Incident Playbooks, based on the work done by the CERT Societe Generale. (☆24, Dec 16, 2021, updated 4 years ago)
- Leaked communication of the Conti ransomware group from Jan 29, 2021 to Feb 27, 2022. (☆133, Mar 2, 2022, updated 4 years ago)
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations". (☆11, Feb 6, 2025, updated last year)
- Quick lookup files for the SUNBURST backdoor. (☆12, Dec 15, 2020, updated 5 years ago)
- Tool to decrypt encrypted strings in AgentTesla. (☆16, Jan 24, 2022, updated 4 years ago)
- Imphash-like calculation on Golang binaries. (☆49, Jul 2, 2022, updated 3 years ago)
- Here are some tools I developed to help analyze malware. (☆11, Nov 8, 2023, updated 2 years ago)
- A collection of Python resources for Blue Team security work. (☆16, Sep 23, 2018, updated 7 years ago)
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. (☆12, Aug 26, 2024, updated last year)
- Scripts, YARA rules and other files developed during malware investigations. (☆27, Aug 19, 2022, updated 3 years ago)
- A YARA rules repository continuously updated for monitoring old and new threats from articles, incident responses, etc. (☆141, Nov 19, 2023, updated 2 years ago)
- Automatically create YARA rules from malicious documents. (☆211, May 16, 2022, updated 3 years ago)
- Resources I've found useful for my CTI work. (☆12, Dec 27, 2023, updated 2 years ago)
- (no description) (☆11, Jun 12, 2023, updated 2 years ago)
- Hundred Days of YARA Challenge. (☆12, Jun 21, 2022, updated 3 years ago)
- A quick bash script that I created in order to speed up the creation of usable Kali boxes. (☆11, Oct 29, 2021, updated 4 years ago)
- A library for fast parsing and import of the Windows Master File Table ($MFT) into Elasticsearch. (☆12, Jun 23, 2025, updated 8 months ago)
- XOR Key Extractor. (☆51, Aug 10, 2024, updated last year)
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications. (☆13, Apr 20, 2018, updated 7 years ago)
- A collection of my public YARA signatures for various malware families. (☆30, Sep 20, 2024, updated last year)
- Stand-alone parser for User Access Logging from Server 2012 and newer systems. (☆78, Jan 9, 2024, updated 2 years ago)
- A PowerShell incident response script for quick triage. (☆81, Jul 18, 2022, updated 3 years ago)
- Scripts and tools created for the appx analysis talk (Magnet Summit 2019). (☆19, Feb 26, 2024, updated 2 years ago)
- Basic c2-matrix analysis environment using Suricata + Wazuh + Elastic stack. (☆12, Apr 18, 2020, updated 5 years ago)
- Universal Malware Sample Encryption. (☆13, Jan 5, 2024, updated 2 years ago)