stvemillertime / CerebroLinks
Scripts and lists to help generate YARA friendly string mutations
☆21Updated 2 years ago
Alternatives and similar repositories for Cerebro
Users that are interested in Cerebro are comparing it to the libraries listed below
Sorting:
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆34Updated 3 years ago
- YARA rule analyzer to improve rule quality and performance☆102Updated 3 months ago
- The core backend server handling API requests and task management☆43Updated this week
- ☆35Updated 9 months ago
- BlackBerry Threat Research & Intelligence☆98Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- ☆88Updated this week
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 2 months ago
- ☆22Updated 2 years ago
- ☆14Updated 2 years ago
- Powershell sandboxing utility☆19Updated 3 weeks ago
- ☆8Updated 9 months ago
- JPCERT/CC public YARA rules repository☆110Updated 7 months ago
- Detection Engineering with YARA☆87Updated last year
- Can you pay the ransom in your country?☆14Updated last year
- A home for detection content developed by the delivr.to team☆69Updated last week
- Rules Shared by the Community from 100 Days of YARA 2023☆77Updated 2 years ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆65Updated 2 years ago
- Remote access and Antivirus Logging Database☆42Updated last year
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆74Updated last year
- THOR Thunderstorm Collectors☆24Updated 3 weeks ago
- Hunt malware with Volatility☆47Updated 3 weeks ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆41Updated 3 years ago
- Collection of scripts provided for public use☆35Updated 3 months ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆45Updated 3 years ago
- ☆16Updated 4 months ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆49Updated last year