jymcheong / OpenEDR
Renamed to Free EDR to avoid confusion with Comodo's project
☆22Updated last year
Related projects: ⓘ
- Tweettioc Splunk App☆20Updated 4 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 2 years ago
- Generate YARA rules for OOXML documents.☆37Updated last year
- Tracking APT IOCs☆24Updated 3 years ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆62Updated last year
- Automated detection rule analysis utility☆29Updated 2 years ago
- ☆37Updated 2 years ago
- C# User Simulation☆33Updated last year
- Userland API monitor for threat hunting☆54Updated 4 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆102Updated last year
- This is a repository that is meant to hold detections for various process injection techniques.☆32Updated 4 years ago
- Random hunting ordiented yara rules☆95Updated last year
- Dashboards for conducting forensic investigation using windows events in Kibana☆17Updated 5 years ago
- ☆42Updated last year
- THOR Thunderstorm Collectors☆24Updated last week
- Links to malware-related YARA rules☆14Updated last year
- OSSEM Modular☆27Updated 4 years ago
- Automatic detection engineering technical state compliance☆49Updated 2 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆74Updated 2 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆57Updated last year
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆79Updated 2 months ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆36Updated last year
- Standardized Malware Analysis Tool☆51Updated 3 years ago
- This repository maintains the SaltStack state files for the REMnux distro.☆39Updated this week
- Modular malware analysis artifact collection and correlation framework☆49Updated 4 months ago
- A YARA Rule Performance Measurement Tool☆58Updated 6 months ago
- Manipulate timestamps on NTFS☆48Updated 9 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆43Updated 3 years ago
- A list of Mitre Caldera compatible emulation-plans☆14Updated 3 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆40Updated 4 years ago