threatrack / cti_report_collection
Repository collecting and automagically processing public threat intelligence reports.
☆18Updated 4 years ago
Alternatives and similar repositories for cti_report_collection:
Users that are interested in cti_report_collection are comparing it to the libraries listed below
- Repository of Yara rules created by the Stratosphere team☆26Updated 3 years ago
- ☆22Updated last year
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Updated 4 months ago
- Links to malware-related YARA rules☆15Updated 2 years ago
- IoC's, PCRE's, YARA's etc☆24Updated last month
- Detecting Cobalt Strike Team Servers on targets through traffic telemetry.☆21Updated 8 months ago
- Tweettioc Splunk App☆20Updated 4 years ago
- Windows GUI/Execution Engine for Atomic Red Team Atomics☆34Updated 4 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Updated 4 years ago
- High fidelity JA3 & JA3S combinations for known botnets and alike☆11Updated 6 years ago
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆36Updated 5 years ago
- Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation☆16Updated 6 years ago
- A Flexible Web Shell Client, Built on Electron☆13Updated 2 years ago
- 威胁检测规则集☆15Updated 5 years ago
- ☆25Updated 4 years ago
- ssdeep cluster analysis for malware files☆30Updated 4 years ago
- ☆23Updated last year
- Globally distributed honeypots and HoneyNets IOCs and file reversing☆16Updated last year
- A Simple PE File Heuristics Scanners☆49Updated 6 years ago
- Everything related to Cobalt Strike☆15Updated 5 years ago
- Tool to test for existence of CVE-2020-8218☆22Updated 4 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- Proof of concept code to exploit CVE-2020-12116: Unauthenticated arbitrary file read on ManageEngine OpManger.☆33Updated 4 years ago
- Community maintained list of most popular HIPS service and process names on a Windows Platform.☆43Updated 2 years ago
- QuasarRAT analysis tools and research report☆27Updated last year
- Tracking APT IOCs☆25Updated 4 years ago
- PoC for CVE-2019-10149, this vulnerability could be xploited betwen 4-87 to 4.91 version of Exim server.☆14Updated 5 years ago
- A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE)☆13Updated 5 years ago
- All necessary code in order to feed Sysmon data into Recurrent Neural Network☆17Updated 4 years ago
- Convert Empire profiles to Apache mod_rewrite scripts☆27Updated 5 years ago