malienist / lupo
Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation
☆106Updated 2 years ago
Alternatives and similar repositories for lupo:
Users that are interested in lupo are comparing it to the libraries listed below
- ☆65Updated 4 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆165Updated 2 years ago
- Carbon Black Response IR tool☆53Updated 4 years ago
- A visualized overview of the Initial Access Broker (IAB) cybercrime landscape☆114Updated 3 years ago
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆150Updated 2 years ago
- Blueteam operational triage registry hunting/forensic tool.☆145Updated last year
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 3 years ago
- Simple PowerShell script to enable process scanning with Yara.☆93Updated 2 years ago
- Active C2 IoCs☆99Updated 2 years ago
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆86Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Linux Evidence Acquisition Framework☆114Updated 7 months ago
- Lazarus analysis tools and research report☆56Updated last year
- IOC Collection 2022☆57Updated 2 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Updated 2 years ago
- ☆68Updated 2 months ago
- ☆160Updated last year
- ☆87Updated last year
- Picus Labs☆44Updated 4 years ago
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆114Updated last year
- Active C&C Detector☆154Updated last year
- This repo is where I store my Threat Hunting ideas/content☆87Updated last year
- A home for detection content developed by the delivr.to team☆69Updated 3 months ago
- Initial triage of Windows Event logs☆97Updated 10 months ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆138Updated 9 months ago
- ☆63Updated 3 years ago
- Notes and IoCs of fresh malware☆57Updated 10 months ago
- YARA rule analyzer to improve rule quality and performance☆99Updated 3 weeks ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆146Updated last year
- Yara Rules for Modern Malware☆77Updated last year