pandora-analysis / pandora
Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results
☆261Updated this week
Alternatives and similar repositories for pandora
Users that are interested in pandora are comparing it to the libraries listed below
Sorting:
- Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…☆126Updated last year
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.☆311Updated last month
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆165Updated last year
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…☆209Updated 2 weeks ago
- Data visualization for blue teams☆126Updated 2 years ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆253Updated 6 months ago
- MISP Playbooks☆200Updated 3 months ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆286Updated last week
- Sublime rules for email attack detection, prevention, and threat hunting.☆306Updated this week
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆155Updated 3 years ago
- A list of my personal projects☆177Updated 2 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆202Updated 2 years ago
- Rules generated from our investigations.☆195Updated last month
- Signatures and IoCs from public Volexity blog posts.☆354Updated 3 months ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆130Updated 3 years ago
- Yet Another Yara Automaton - Automatically curate open source yara rules and run scans☆280Updated last year
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆200Updated 4 years ago
- Repository of attack and defensive information for Business Email Compromise investigations☆251Updated last week
- Docker image for Velocidex Velociraptor☆126Updated 2 months ago
- An application to analyze the EML file☆288Updated last month
- Automated YARA Rule Standardization and Quality Assurance Tool☆218Updated last week
- A web application that allows the users to check whether their SPF, DMARC and DKIM configuration is set up correctly.☆142Updated this week
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆132Updated last year
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆287Updated last week
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.☆102Updated this week
- Artifact collection tool for *nix systems☆205Updated last year
- LOKI2 - Simple IOC and YARA Scanner☆93Updated 9 months ago
- How to setup a honeypot with an IDS, ELK and TLS traffic inspection☆157Updated 2 years ago
- Jupyter Notebooks for the Blue Team☆144Updated last month