redcanaryco / public-research
Public repository for Red Canary Research
☆34Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for public-research
- C# User Simulation☆33Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 2 years ago
- Radare2 Metadata Extraction to Elasticsearch☆21Updated 5 months ago
- Standardized Malware Analysis Tool☆51Updated 3 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆37Updated last year
- ☆15Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆52Updated 6 months ago
- Links to malware-related YARA rules☆14Updated 2 years ago
- ☆59Updated 4 months ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …☆13Updated 2 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 9 months ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆18Updated 3 years ago
- Generate YARA rules for OOXML documents.☆37Updated last year
- A YARA Rule Performance Measurement Tool☆58Updated 8 months ago
- various slides and presentations I've worked on☆18Updated 8 months ago
- Steezy - Ghetto Yara Generation☆15Updated last year
- ☆22Updated 3 years ago
- ProcDot Malware Sandbox☆21Updated 6 years ago
- Malware similarity platform with modularity in mind.☆76Updated 3 years ago
- Imphash-like calculation on Golang binaries☆47Updated 2 years ago
- TA505 unpacker Python 2.7☆46Updated 4 years ago
- ☆18Updated 4 years ago
- A set of YARA rules for the AIL framework to detect leak or information disclosure☆36Updated 3 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆56Updated last year
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data☆13Updated 5 years ago
- Handy scripts to speed up malware analysis☆35Updated last year
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 3 years ago
- labs_modern_malware_c2 Originally supporting Defcon workshop, will morph into Attack Defend for C2.☆18Updated 2 years ago