pandora-analysis / pandora
Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results
☆260Updated last week
Alternatives and similar repositories for pandora:
Users that are interested in pandora are comparing it to the libraries listed below
- Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…☆126Updated last year
- Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.☆310Updated 2 weeks ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆164Updated last year
- MISP Playbooks☆197Updated 2 months ago
- Threat Hunting tool about Sysmon and graphs☆331Updated last year
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…☆201Updated this week
- An application to analyze the EML file☆288Updated last week
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system�☆284Updated 2 months ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆130Updated 3 years ago
- Rules generated from our investigations.☆194Updated 3 weeks ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆253Updated 5 months ago
- A tool designed to hunt for Phishing Kit source code☆222Updated 2 years ago
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆200Updated 4 years ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆247Updated 2 years ago
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.☆101Updated last week
- A list of my personal projects☆176Updated 2 years ago
- Collection of Jupyter Notebooks by @fr0gger_☆162Updated 3 weeks ago
- Repository of attack and defensive information for Business Email Compromise investigations☆250Updated 2 months ago
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆114Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆201Updated 2 years ago
- Yet Another Yara Automaton - Automatically curate open source yara rules and run scans☆277Updated last year
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆709Updated 2 weeks ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆155Updated 2 years ago
- A repository of DFIR-related Mind Maps geared towards the visual learners!☆521Updated 2 years ago
- DFIQ is a collection of investigative questions and the approaches for answering them☆277Updated 3 months ago
- Rapidly Search and Hunt through Linux Forensics Artifacts☆188Updated last year
- Data visualization for blue teams☆125Updated 2 years ago
- Powershell module for VMWare vSphere forensics☆150Updated 5 months ago
- A collection of companies that disclose adversary TTPs after they have been breached☆244Updated 11 months ago