strontic / xcyclopedia
Encyclopedia for Executables
☆409Updated 2 years ago
Related projects: ⓘ
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆568Updated 4 months ago
- A wireshark plugin to instrument ETW☆527Updated 2 years ago
- Event Tracing For Windows (ETW) Resources☆342Updated 10 months ago
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…☆767Updated last year
- Collection of private Yara rules.☆317Updated last month
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆658Updated last month
- A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.☆592Updated 9 months ago
- Misc Threat Hunting Resources☆368Updated last year
- Repository of YARA rules made by Trellix ATR Team☆560Updated 8 months ago
- Tool Analysis Result Sheet☆342Updated 6 years ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆519Updated this week
- A repository of DFIR-related Mind Maps geared towards the visual learners!☆508Updated 2 years ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆360Updated 2 years ago
- C# based evtx parser with lots of extras☆266Updated 2 weeks ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆485Updated this week
- Public Repo for Atomic Test Harness☆244Updated 2 months ago
- ☆474Updated 3 weeks ago
- Detection in the form of Yara, Snort and ClamAV signatures.☆201Updated last week
- A collection of red team and adversary emulation resources developed and released by MITRE.☆490Updated 3 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆416Updated 3 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆215Updated 3 years ago
- ☆130Updated 7 months ago
- Sophos-originated indicators-of-compromise from published reports☆534Updated last week
- RegRipper3.0☆534Updated 3 weeks ago
- ReversingLabs YARA Rules☆744Updated last week
- Parses $MFT from NTFS file systems☆183Updated this week
- IOC from articles, tweets for archives☆310Updated 9 months ago
- Tools for hunting for threats.☆564Updated last year
- Lnk Explorer Command line edition!!☆261Updated 3 months ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆697Updated last year