Various public documents, whitepapers and articles about APT campaigns
☆55 · Apr 1, 2016 · Updated 9 years ago
Alternatives and similar repositories for APTnotes
Users that are interested in APTnotes are comparing it to the libraries listed below
- Tool to extract indicators of compromise from security reports in PDF format ☆35 · Mar 5, 2016 · Updated 9 years ago
- Ops-Trust Platform - Portal ☆21 · Aug 5, 2016 · Updated 9 years ago
- Manage VT Alerts ☆62 · Oct 4, 2016 · Updated 9 years ago
- Script for pulling events from a MISP database and converting them to Autofocus queries. ☆13 · Dec 28, 2015 · Updated 10 years ago
- SPL to lucene translator ☆15 · Jan 24, 2015 · Updated 11 years ago
- A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to s… ☆82 · Nov 29, 2015 · Updated 10 years ago
- Reconstruct process trees from event logs ☆147 · Aug 12, 2020 · Updated 5 years ago
- A collection of bro_scripts and signatures ☆27 · Jun 26, 2019 · Updated 6 years ago
- Parse a report and import the events into MISP ☆30 · Oct 19, 2015 · Updated 10 years ago
- A Python ctypes package for libyara ☆31 · Aug 4, 2015 · Updated 10 years ago
- Some IR notes ☆73 · Jul 23, 2016 · Updated 9 years ago
- Web based Manager for Yara Rules ☆58 · Mar 9, 2020 · Updated 5 years ago
- This repository contains free Hybrid Analysis contributions to the IT-Security community ☆27 · May 6, 2021 · Updated 4 years ago
- Coming to a place near you..... ☆25 · Jun 29, 2015 · Updated 10 years ago
- Various DFIR Tools ☆27 · Jul 23, 2018 · Updated 7 years ago
- ☆36 · Oct 5, 2016 · Updated 9 years ago
- DPS' Lightweight Investigation Notebook ☆433 · Dec 31, 2023 · Updated 2 years ago
- Custom rules for yara-integrated scans ☆16 · Jun 5, 2013 · Updated 12 years ago
- A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities ☆15 · Feb 13, 2017 · Updated 9 years ago
- pocket guide for core threat hunting concepts ☆23 · May 6, 2020 · Updated 5 years ago
- IOC (Indicator of Compromise) Extractor: a program to help extract IOCs from text files. ☆134 · Jan 14, 2016 · Updated 10 years ago
- Home to the ActorTrackr source code ☆24 · Jun 21, 2017 · Updated 8 years ago
- Enables dynamic translation of structured data between formats ☆14 · Dec 14, 2018 · Updated 7 years ago
- OpenDNS Graph Miner ☆45 · Apr 28, 2017 · Updated 8 years ago
- Feed for various malicious IPs such as malware and botnets ☆12 · Jun 20, 2016 · Updated 9 years ago
- Modified edition of cuckoo ☆11 · Jan 12, 2016 · Updated 10 years ago
- random scripts for random things ☆13 · Mar 11, 2025 · Updated 11 months ago
- See here: ☆43 · Dec 6, 2012 · Updated 13 years ago
- SEC599 supporting GitHub repository ☆16 · Sep 14, 2019 · Updated 6 years ago
- A set of templates for documenting threat intelligence ☆75 · Feb 28, 2013 · Updated 13 years ago
- #️⃣ 🕸️ 👤 HTTP Headers Hashing ☆13 · Aug 27, 2023 · Updated 2 years ago
- Historical Observations of Actionable Reputation Data ☆13 · Jun 26, 2018 · Updated 7 years ago
- A collection of YARA signatures that I have found around the web. ☆11 · Apr 29, 2016 · Updated 9 years ago
- A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __… ☆12 · Jun 29, 2015 · Updated 10 years ago
- Collecting & Hunting for IOCs with gusto and style ☆117 · Aug 9, 2018 · Updated 7 years ago
- My Yara Rules Collection ☆52 · Feb 7, 2016 · Updated 10 years ago
- Yara rules for malware families seen as part of targeted threats project ☆141 · Nov 17, 2016 · Updated 9 years ago
- rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries. It is open-source and has been tested … ☆11 · Apr 2, 2016 · Updated 9 years ago
- An informational repo about hunting for adversaries in your IT environment. ☆14 · Apr 10, 2017 · Updated 8 years ago