mrcbax / honeyup

Related projects: ⓘ

• TobySalusky / cont3xt
  Cont3xt intends to centralize and simplify a structured approach to gathering contextual intelligence in support of technical investigati…
  ☆36Updated 6 months ago
• ninoseki / uzen
  Website crawler with YARA detection
  ☆87Updated last year
• tsale / yara_scanner
  ☆20Updated this week
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆49Updated 2 months ago
• lp-db / lp-db
  Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...).
  ☆37Updated last year
• swimlane / trawl
  A utility to trawl phishing domains and attempt to identify phishing kits as well as other malicious activity
  ☆36Updated 2 years ago
• iThreatopedia / iThreatopedia.github.io
  A happy place for detection engineers, purple teamers and threat hunters focusing on macOS.
  ☆20Updated 2 years ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• ppt0 / easyhunting
  ☆17Updated this week
• cocaman / yara-scan-service
  Repository for scripts and tips for "Yara Scan Service"
  ☆20Updated last year
• telekom-security / acquire-aws-ec2
  A python script to acquire multiple aws ec2 instances in a forensically sound-ish way
  ☆37Updated 2 years ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆57Updated last year
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆17Updated 3 years ago
• tsale / BlueSploit
  BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
  ☆32Updated 4 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 3 years ago
• cloud-sniper / cloud-droid
  ☆56Updated this week
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆56Updated 2 weeks ago
• ninoseki / ioc-extractor
  An npm package for extracting common IoC (Indicator of Compromise) from a block of text
  ☆53Updated 2 weeks ago
• rkovar / ransomwarelegality
  Can you pay the ransom in your country?
  ☆13Updated 9 months ago
• vadim-hunter / Threat-Hunters-KB
  Threat Hunter's Knowledge Base
  ☆21Updated 2 years ago
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 2 years ago
• dsnezhkov / racketeer
  ☆68Updated 2 years ago
• ezaspy / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆29Updated 2 months ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆54Updated 3 years ago
• mandiant / pulsesecure_exploitation_countermeasures
  ☆22Updated last year
• NoDataFound / RiskIQ.SunBurst.Hunter
  The Purpose of this research tool is to provide a Python client into RiskIQ API services.
  ☆22Updated 3 years ago
• jeffjbowie / intelligence_gathering
  A collection of scripts for the purpose of gathering open source intelligence, to be presented at GrayHat, BSides Denver, and Information…
  ☆24Updated 3 years ago
• NVISOsecurity / nviso-cti
  ☆40Updated 5 months ago
• eCrimeLabs / phish2MISP
  Easy way to create a MISP event related to a Phishing page
  ☆17Updated last year
• curated-intel / Initial-Access-Broker-Landscape
  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
  ☆107Updated 2 years ago