pr0xylife / QakbotLinks
☆197Updated last year
Alternatives and similar repositories for Qakbot
Users that are interested in Qakbot are comparing it to the libraries listed below
Sorting:
- ☆141Updated last week
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆245Updated 4 months ago
- Sigma rules to share with the community☆121Updated 6 months ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆327Updated 2 months ago
- MAL-CL (Malicious Command-Line)☆315Updated 2 years ago
- IOC Collection 2022☆57Updated 2 years ago
- ☆69Updated 5 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆204Updated 3 years ago
- ☆96Updated 2 months ago
- Welcome to the SEKOIA.IO Community repository!☆163Updated 2 weeks ago
- ☆160Updated last year
- Some Threat Hunting queries useful for blue teamers☆127Updated 3 years ago
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆187Updated 7 months ago
- Active C&C Detector☆155Updated last year
- ☆130Updated last year
- A python script developed to process Windows memory images based on triage type.☆263Updated last year
- ☆513Updated 9 months ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆189Updated this week
- ☆203Updated 9 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆96Updated 2 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆168Updated 2 years ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity☆92Updated 4 years ago
- yara detection rules for hunting with the threathunting-keywords project☆126Updated 2 months ago
- Full of public notes and Utilities☆127Updated 5 months ago
- Rules generated from our investigations.☆196Updated last month
- A ProcessMonitor visualization application written in rust.☆181Updated last year
- Signatures and IoCs from public Volexity blog posts.☆355Updated 2 months ago
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆155Updated 2 years ago
- The Threat Actor Profile Guide for CTI Analysts☆110Updated 2 years ago
- Rapidly Search and Hunt through Linux Forensics Artifacts☆194Updated last year