meirwah / awesome-malware-analysis
A curated list of awesome malware analysis tools and resources
☆79Updated 9 years ago
Alternatives and similar repositories for awesome-malware-analysis:
Users that are interested in awesome-malware-analysis are comparing it to the libraries listed below
- Dump of organized knowledge on DFIR☆134Updated 3 years ago
- Security Monitoring Resolution Categories☆138Updated 3 years ago
- Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.☆66Updated 4 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆125Updated 2 years ago
- Tools to automate and/or expedite response.☆113Updated 9 months ago
- Collection of useful, up to date, Carbon Black Response Queries☆83Updated 4 years ago
- ☆131Updated last year
- Scripts to facilitate filtering with Plaso☆124Updated 4 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆54Updated 4 years ago
- Splunk Boss of the SOC v1 data set.☆111Updated 6 years ago
- A Splunk app to use MISP in background☆110Updated last month
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆72Updated 10 months ago
- Example programs used in the automating DFIR series☆63Updated 6 years ago
- Powershell Threat Hunting Module☆283Updated 8 years ago
- ☆116Updated last year
- Office365 Log Analysis Framework☆82Updated 5 years ago
- Invoke-LiveResponse☆147Updated 3 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Expert Investigation Guides☆51Updated 4 years ago
- Repository of public reference frameworks for the DFIR community.☆116Updated last year
- Salt States for Configuring the SIFT Workstation☆101Updated this week
- Tools from WFA 4/e, timeline tools, etc.☆135Updated last year
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆245Updated 3 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- Carbon Black Feeds☆72Updated 2 years ago
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆37Updated 2 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆53Updated 2 years ago
- Collecting & Hunting for IOCs with gusto and style☆238Updated 3 years ago