Indicators of Normality
☆11Jul 22, 2022Updated 3 years ago
Alternatives and similar repositories for ION
Users that are interested in ION are comparing it to the libraries listed below
Sorting:
- ☆27Feb 6, 2022Updated 4 years ago
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆10Aug 18, 2022Updated 3 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- System Call Integrity Layer - experimental security research☆25Jan 31, 2026Updated last month
- ☆33Feb 26, 2022Updated 4 years ago
- LNK to JSON☆14Mar 7, 2019Updated 6 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆66Jul 7, 2022Updated 3 years ago
- Cybersecurity Incidents Mind Maps☆34Sep 29, 2021Updated 4 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Conceptual Methods for Finding Commonalities in Macho Files☆12Mar 21, 2024Updated last year
- Python bindings for https://github.com/omerbenamram/mft☆23Dec 23, 2025Updated 2 months ago
- ☆21May 8, 2022Updated 3 years ago
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more☆30Nov 26, 2025Updated 3 months ago
- ☆15Nov 25, 2021Updated 4 years ago
- A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…☆53Oct 29, 2025Updated 4 months ago
- Yet Another Memory Analyzer for malware detection☆24Aug 4, 2023Updated 2 years ago
- Cleo Unrestricted file upload and download PoC (CVE-2024-50623)☆25Dec 11, 2024Updated last year
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆53Oct 23, 2024Updated last year
- Parse Manifest.mbdb files from iTunes backup directories☆20Jun 29, 2017Updated 8 years ago
- Fix acquired .evt - Windows Event Log files (Forensics)☆18Mar 29, 2016Updated 9 years ago
- A few quick recipes for those that do not have much time during the day☆22Oct 28, 2024Updated last year
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- ☆19Oct 23, 2020Updated 5 years ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.☆22Oct 31, 2018Updated 7 years ago
- ☆24Aug 30, 2019Updated 6 years ago
- AdHoc solutions☆49Aug 29, 2023Updated 2 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆45May 12, 2021Updated 4 years ago
- USN to JSON☆22Apr 4, 2020Updated 5 years ago
- POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox☆21Aug 9, 2022Updated 3 years ago
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆23Aug 7, 2024Updated last year
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Oct 28, 2022Updated 3 years ago
- Zone transfers for rwhois☆20Feb 27, 2019Updated 7 years ago
- Extension blocks as found in ShellBags and other places in the Registry☆25Jan 7, 2025Updated last year