karemfaisal / SMUCLinks
Simplified MITRE Use Cases, it describes the Attack and Detection
☆45Updated 4 years ago
Alternatives and similar repositories for SMUC
Users that are interested in SMUC are comparing it to the libraries listed below
Sorting:
- The Windows Malware Analysis Reversing Core Tools☆95Updated 4 years ago
- Hunt malware with Volatility☆47Updated last year
- Userland API monitor for threat hunting☆58Updated 5 years ago
- Random hunting ordiented yara rules☆97Updated 2 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 2 years ago
- A repo to support the book☆108Updated 3 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆105Updated 2 years ago
- YARA rule analyzer to improve rule quality and performance☆102Updated 2 months ago
- ☆51Updated 2 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆45Updated 2 years ago
- Malware Samples that could be used for teaching students about malware analysis.☆56Updated last year
- A curated collection of resources that may be beneficial for anyone pursuing the OSCE.☆44Updated 3 years ago
- Three datasets to practice Threat Hunting against.☆46Updated last year
- Cuckoo running in a nested hypervisor☆128Updated 5 years ago
- Capa analysis importer for Ghidra.☆61Updated 4 years ago
- Various capabilities for static malware analysis.☆78Updated 9 months ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- TA505+ Adversary Simulation☆65Updated 4 years ago
- ☆116Updated last year
- ☆27Updated 3 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆45Updated 3 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- Understanding and analyzing carrier files workshop repo☆50Updated 5 years ago
- Active Directory Purple Team Playbook☆108Updated 2 years ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆65Updated 2 years ago
- ☆33Updated last year
- Carbon Black Response IR tool☆53Updated 4 years ago
- ☆99Updated 8 months ago
- ☆66Updated 2 years ago