stvemillertime / RonnieColemanYARAParserLinks
An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
☆21Updated 2 years ago
Alternatives and similar repositories for RonnieColemanYARAParser
Users that are interested in RonnieColemanYARAParser are comparing it to the libraries listed below
Sorting:
- Threat Box Assessment Tool☆19Updated 4 years ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated 2 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- ☆14Updated 2 years ago
- Hunt malware with Volatility☆47Updated 3 months ago
- CSIRT Jump Bag☆26Updated last year
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆41Updated 3 years ago
- Scripts and lists to help generate YARA friendly string mutations☆22Updated 2 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆45Updated 3 years ago
- ☆88Updated 2 months ago
- ☆35Updated last year
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Updated 2 years ago
- Extract BITS jobs from QMGR queue and store them as CSV records☆75Updated 8 months ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆51Updated 2 years ago
- Simple yara rule manager☆66Updated 2 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆34Updated 3 years ago
- my MSTICpy practice and custom tools repository☆11Updated 6 months ago
- Publicly shareable windows event log message data