kirk-sayre-work / box-js
A tool for studying JavaScript malware.
☆13Updated last week
Related projects ⓘ
Alternatives and complementary repositories for box-js
- Can you pay the ransom in your country?☆13Updated 10 months ago
- ☆24Updated 2 years ago
- Converting data from services like Censys and Shodan to a common data model☆48Updated 2 months ago
- Logbook for Digital Forensics and Incident Response☆49Updated 3 months ago
- Threat Box Assessment Tool☆19Updated 3 years ago
- Scripts and lists to help generate YARA friendly string mutations☆19Updated last year
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.☆38Updated 2 years ago
- List of Awesome Vertex Synapse Resources☆27Updated 3 months ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated last year
- Open source training materials for law-enforcement and organisations interested in DFIR.☆55Updated last month
- A web scraper to create MISP events and reports☆14Updated last year
- ☆19Updated last year
- my MSTICpy practice and custom tools repository☆11Updated this week
- pocket guide for core threat hunting concepts☆23Updated 4 years ago
- Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.☆30Updated last year
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 2 years ago
- ☆14Updated last year
- Just Another broken Registry Parser (JARP)☆16Updated 5 months ago
- Yara rules☆19Updated last year
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 9 months ago
- CSIRT Jump Bag☆27Updated 6 months ago
- USN Journal full path builder☆36Updated last month
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch)☆19Updated 3 years ago
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python.☆13Updated 3 months ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆31Updated 2 years ago
- Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".☆14Updated 3 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆23Updated 4 months ago
- A happy place for detection engineers, purple teamers and threat hunters focusing on macOS.☆20Updated 2 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆39Updated 2 years ago