kirk-sayre-work / ViperMonkey

Related projects ⓘ

Alternatives and complementary repositories for ViperMonkey

• Xumeiquer / yara-forensics
  Set of Yara rules for finding files using magics headers
  ☆135Updated 4 years ago
• mbevilacqua / appcompatprocessor
  "Evolving AppCompat/AmCache data analysis beyond grep"
  ☆197Updated 3 years ago
• silence-is-best / c2db
  c2 traffic
  ☆188Updated last year
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆95Updated last year
• mgreen27 / Invoke-LiveResponse
  Invoke-LiveResponse
  ☆145Updated 2 years ago
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆98Updated 2 months ago
• MITRECND / malchive
  Various capabilities for static malware analysis.
  ☆75Updated 2 months ago
• 0xrawsec / gene
  Signature engine for all your logs
  ☆160Updated 11 months ago
• target / halogen
  Automatically create YARA rules from malicious documents.
  ☆208Updated 2 years ago
• davidpany / WMI_Forensics
  ☆294Updated 4 years ago
• Neo23x0 / yaraQA
  YARA rule analyzer to improve rule quality and performance
  ☆93Updated 11 months ago
• OTRF / API-To-Event
  A repo to document API functions mapped to security events across diverse platforms
  ☆75Updated 5 years ago
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆189Updated 4 years ago
• ANSSI-FR / bits_parser
  Extract BITS jobs from QMGR queue and store them as CSV records
  ☆74Updated 4 months ago
• brimorlabs / KStrike
  Stand-alone parser for User Access Logging from Server 2012 and newer systems
  ☆71Updated 10 months ago
• MHaggis / CBR-Queries
  Collection of useful, up to date, Carbon Black Response Queries
  ☆83Updated 4 years ago
• fxb-cocacoding / yara-signator
  Automatic YARA rule generation for Malpedia
  ☆154Updated 2 years ago
• msuhanov / yarp
  Yet another registry parser
  ☆129Updated 2 years ago
• airbus-cert / regrippy
  A modern Python-3-based alternative to RegRipper
  ☆187Updated this week
• remg427 / misp42splunk
  A Splunk app to use MISP in background
  ☆109Updated 2 weeks ago
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆130Updated 2 years ago
• NextronSystems / valhallaAPI
  Valhalla API Client
  ☆63Updated last year
• MalwareArchaeology / ARTHIR
  ATT&CK Remote Threat Hunting Incident Response
  ☆198Updated 5 years ago
• andreafortuna / autotimeliner
  Automagically extract forensic timeline from volatile memory dump
  ☆123Updated 6 months ago
• P4T12ICK / Sigma-Rule-Repository
  Sigma Detection Rule Repository
  ☆85Updated 4 years ago
• Beercow / SEPparser
  Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.
  ☆63Updated last year
• marcurdy / dfir-toolset
  Dump of organized knowledge on DFIR
  ☆132Updated 3 years ago
• 00010111 / smbtimeline
  ☆31Updated 2 weeks ago
• PoorBillionaire / Windows-Prefetch-Parser
  Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files
  ☆115Updated 5 months ago
• appgate / labs
  This repository contains files from AppGate / Immunity Malware Analysis Team.
  ☆21Updated 3 years ago