strontic / xcyclopediaLinks
Encyclopedia for Executables
☆444Updated 3 years ago
Alternatives and similar repositories for xcyclopedia
Users that are interested in xcyclopedia are comparing it to the libraries listed below
Sorting:
- A collection of red team and adversary emulation resources developed and released by MITRE.☆512Updated 4 years ago
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…☆808Updated 5 months ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆581Updated last year
- MAL-CL (Malicious Command-Line)☆313Updated 2 years ago
- ☆770Updated 2 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆224Updated 4 years ago
- Event Tracing For Windows (ETW) Resources☆387Updated 8 months ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆588Updated this week
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆375Updated 3 years ago
- Repository of YARA rules made by Trellix ATR Team☆597Updated 2 months ago
- Misc Threat Hunting Resources☆373Updated 2 years ago
- A repository of DFIR-related Mind Maps geared towards the visual learners!☆525Updated 2 years ago
- ☆148Updated last year
- #ThreatHunting #DFIR #Malware #Detection Mind Maps☆297Updated 3 years ago
- Public Repo for Atomic Test Harness☆272Updated last month
- C# based evtx parser with lots of extras☆309Updated last month
- Collection of private Yara rules.☆354Updated last month
- PowerShell script for deobfuscating encoded PowerShell scripts☆424Updated 4 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆717Updated 2 months ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆576Updated 4 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆163Updated 6 months ago
- ☆517Updated 5 months ago
- Tool Analysis Result Sheet☆354Updated 7 years ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆616Updated 11 months ago
- Investigate suspicious activity by visualizing Sysmon's event log☆423Updated last year
- Sysmon configuration file template with default high-quality event tracing☆486Updated last year
- ☆302Updated 4 years ago
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- $MFT directory tree reconstruction & FILE record info☆305Updated 8 months ago
- Sigma rules from Joe Security☆215Updated 7 months ago