Jupyter Notebooks for Cyber Threat Intelligence
☆35Sep 14, 2023Updated 2 years ago
Alternatives and similar repositories for jupyter
Users that are interested in jupyter are comparing it to the libraries listed below
Sorting:
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- ☆11Jun 12, 2023Updated 2 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆50Sep 1, 2023Updated 2 years ago
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files☆31Jun 15, 2022Updated 3 years ago
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆127Dec 5, 2023Updated 2 years ago
- ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system☆13Jun 24, 2022Updated 3 years ago
- Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes…☆13Dec 7, 2022Updated 3 years ago
- Look into EDR events from network☆25Nov 20, 2025Updated 4 months ago
- Reference list for my Ransomware exploitation research. Lists current DLLs I have seen to date that some ransomware search for, which I h…☆11Jul 16, 2022Updated 3 years ago
- ☆18Dec 20, 2024Updated last year
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Yara Rules for Modern Malware☆78Mar 3, 2024Updated 2 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆150Sep 22, 2023Updated 2 years ago
- Decentralized Cyber Threat Intelligence Kaizen Framework☆27Jan 31, 2022Updated 4 years ago
- A homebrewed cyber threat intelligence solution☆20Nov 20, 2012Updated 13 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Aug 6, 2022Updated 3 years ago
- ☆14Oct 25, 2022Updated 3 years ago
- Fraktal's Ransomware Emulator☆101Apr 5, 2024Updated last year
- Cyber Threat Intelligence Appliance☆13Dec 8, 2022Updated 3 years ago
- Library of threat hunts to get any user started!☆50Sep 4, 2020Updated 5 years ago
- Set of scripts to index PCAP files and retrieve packets☆14Sep 10, 2015Updated 10 years ago
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV☆18Sep 3, 2024Updated last year
- Python script for parsing ESET (NOD32) virlog.dat file.☆14Sep 28, 2017Updated 8 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆791Mar 14, 2026Updated last week
- Collection of scripts / samples / snippits around the community service at www.filescan.io☆17Nov 6, 2025Updated 4 months ago
- Knowing which rule should trigger according to the redcannary test☆11Nov 23, 2024Updated last year
- Carve file metadata from NTFS index ($I30) attributes☆71Feb 3, 2024Updated 2 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆43Sep 21, 2023Updated 2 years ago
- Git for me to put all my forensics stuff☆23Sep 2, 2025Updated 6 months ago
- PowerShell tool to triage systems☆12May 17, 2023Updated 2 years ago
- Python tool for converting from joy format to JA3 format SSL/TLS hashes☆11Jun 3, 2020Updated 5 years ago
- A document tagging library☆33Mar 27, 2025Updated 11 months ago
- Open-source Fabric templates for cybersecurity and compliance☆31Jan 13, 2025Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆209Jul 21, 2022Updated 3 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆117Jan 26, 2022Updated 4 years ago