malware-traffic / indicators
Indicators of Compromise (IOCs) from malware or suspicious network traffic
β26Updated 3 weeks ago
Alternatives and similar repositories for indicators
Users that are interested in indicators are comparing it to the libraries listed below
Sorting:
- A simple tool designed to create Atomic Red Team tests with ease.β42Updated 2 months ago
- π§° ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.β73Updated 3 weeks ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selecβ¦β32Updated 2 months ago
- A series of python scripts to extract information from Dark Web Applicationsβ12Updated last month
- Packet captures of malicious traffic for analysis using Wiresharkβ58Updated last year
- β68Updated 5 months ago
- IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.β64Updated last year
- Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.β61Updated 10 months ago
- Creation of a laboratory for malware analysis in AWSβ96Updated 2 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data wβ¦β51Updated 5 months ago
- β39Updated 4 months ago
- CarbonBlack EDR detection rules and response actionsβ71Updated 8 months ago
- Deny list generator for password filtersβ25Updated 9 months ago
- Modular framework for automating triaging, malware analysis, and analyst workflowsβ36Updated 2 weeks ago
- This repository contains a comprehensive testing designed for evaluating the performance and resilience of Endpoint Detection and Responsβ¦β54Updated 7 months ago
- APT hub, It help's research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), aβ¦β51Updated 2 months ago
- Finding ClickFix and FakeCAPTCHA like it's 1999β36Updated this week
- BusPwn V1.0 is a powerful Modbus hacking framework designed for testing and exploiting vulnerabilities in Modbus-based systems commonly fβ¦β19Updated last month
- β20Updated last year
- DShield Sensor Log Collection with ELKβ27Updated last week
- Living Off Security Toolsβ44Updated 6 months ago
- Linux Baseline and Forensic Triage Tool - BETAβ55Updated 2 years ago
- All the principles of the AI modular structure that generates malicious code fragments sold on the dark webβ70Updated last year
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitionersβ88Updated 6 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.β156Updated last month
- List of all Red Teaming tools and Techniques for each stagesβ11Updated 2 years ago
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to automβ¦β47Updated last year
- A network logging tool that logs per process activitiesβ32Updated last year
- β32Updated last year
- β74Updated last month