prodaft / malware-ioc
This repository contains indicators of compromise (IOCs) of our various investigations.
☆205Updated 4 months ago
Related projects: ⓘ
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆149Updated 2 weeks ago
- Signatures and IoCs from public Volexity blog posts.☆307Updated last month
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆136Updated 10 months ago
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆347Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆216Updated 6 months ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆266Updated 3 weeks ago
- Just some lists of Malware Configs☆158Updated 2 weeks ago
- ☆296Updated this week
- Jupyter Notebooks for the Blue Team☆139Updated last year
- ☆130Updated 7 months ago
- ☆194Updated 7 months ago
- A ProcessMonitor visualization application written in rust.☆175Updated last year
- ☆185Updated last year
- Repository resource for threat hunter☆157Updated 6 years ago
- ☆503Updated last month
- ☆168Updated 8 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆192Updated 2 years ago
- A python script developed to process Windows memory images based on triage type.☆259Updated 9 months ago
- CLI tools for forensic investigation of Windows artifacts☆296Updated last month
- IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.☆57Updated 8 months ago
- This repo is a collection of Ransomware reports from vendors, researchers, etc.☆111Updated 2 years ago
- Collection of resources that are made by the Malware Research community☆217Updated last year
- The Threat Actor Profile Guide for CTI Analysts☆89Updated last year
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆154Updated 10 months ago
- Some Threat Hunting queries useful for blue teamers☆120Updated 2 years ago
- MAL-CL (Malicious Command-Line)☆308Updated last year
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆238Updated last year
- An Archive of Ransomware Notes Past and Present Collected by Zscaler ThreatLabz☆268Updated 2 weeks ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆154Updated this week
- Leaked communication of Conti ransomware group from Jan 29, 2021 to Feb 27, 2022☆128Updated 2 years ago