karemfaisal / SMUC
Simplified MITRE Use Cases; it describes the Attack and Detection
☆40 · Updated 3 years ago
Related projects:
- Userland API monitor for threat hunting ☆54 · Updated 4 years ago
- Random hunting oriented yara rules ☆95 · Updated last year
- Research indicators and detection rules ☆67 · Updated last year
- Cuckoo running in a nested hypervisor ☆128 · Updated 4 years ago
- Capa analysis importer for Ghidra. ☆61 · Updated 3 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting ☆36 · Updated last year
- Malware Samples that could be used for teaching students about malware analysis. ☆45 · Updated 5 months ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect … ☆128 · Updated last year
- Various capabilities for static malware analysis. ☆75 · Updated 2 weeks ago
- A repo to document API functions mapped to security events across diverse platforms ☆74 · Updated 4 years ago
- ☆140 · Updated this week
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA ☆93 · Updated 2 weeks ago
- YARA rule analyzer to improve rule quality and performance ☆93 · Updated 9 months ago
- Telsy CTI Research Team ☆57 · Updated 3 years ago
- HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physic… ☆79 · Updated 2 months ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database. ☆62 · Updated last year
- Community modules for CAPE Sandbox ☆84 · Updated 2 weeks ago
- ☆113 · Updated 7 months ago
- Merge all Yara rules from the official Yara GitHub repository into one .yar file ☆28 · Updated 6 years ago
- Psinfo is a Volatility plugin which collects the process related information from the VAD (Virtual Address Descriptor) and PEB (Process E… ☆36 · Updated 7 years ago
- A small utility to deal with malware embedded hashes. ☆48 · Updated 11 months ago
- Collection of YARA signatures from individual research ☆41 · Updated 10 months ago
- ☆27 · Updated 2 years ago
- ☆75 · Updated 3 weeks ago
- Personal compilation of APT malware from whitepaper releases, documents and own research ☆253 · Updated 5 years ago
- Honeybag helps you to create a 'bait archive' with any folders and files, and notifies you if someone accesses it ☆16 · Updated 3 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripting languages such as Powershell, VBA and Javascript. Curre… ☆40 · Updated 5 years ago
- Unprotect is a python tool for parsing PE malware and extracting evasion techniques. ☆110 · Updated last year
- Python based CLI for MalwareBazaar ☆36 · Updated 9 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses ☆57 · Updated last year