Alternatives and similar repositories for webshell-analyzer:

Users that are interested in webshell-analyzer are comparing it to the libraries listed below

• tstillz / webshell-scan
  Simple web shell scanner written in Golang.
  ☆89Updated 6 years ago
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆53Updated 4 years ago
• la3ar0v / TuxResponse
  Linux Incident Response
  ☆90Updated 5 years ago
• picuslabs / picuslabs
  Picus Labs
  ☆44Updated 4 years ago
• carbonblack / active_c2_ioc_public
  Active C2 IoCs
  ☆98Updated 2 years ago
• DarkenCode / yara-rules
  Repository of yara rules
  ☆46Updated 9 years ago
• Lifars / gargamel
  A forensic evidence acquirer
  ☆86Updated 4 years ago
• mitre-attack / attack-evals
  ATT&CK Evaluations website (DEPRECATED)
  ☆59Updated 3 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆211Updated last month
• Th1ru-M / Windows-Threat-Hunting
  Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
  ☆22Updated 4 months ago
• cert-lv / exchange_webshell_detection
  Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-2…
  ☆98Updated 4 years ago
• 3CORESec / S2AN
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆85Updated 2 years ago
• nccgroup / pybeacon
  A collection of scripts for dealing with Cobalt Strike beacons in Python
  ☆168Updated 4 years ago
• olafhartong / detection-sources
  ☆53Updated 6 years ago
• splunk / melting-cobalt
  A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
  ☆165Updated 2 years ago
• faisalusuf / ThreatIntelligence
  Tracking APT IOCs
  ☆25Updated 4 years ago
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆69Updated 3 years ago
• djhohnstein / cliProxy
  Proxy Unix applications in the terminal
  ☆114Updated 4 years ago
• ashemery / CuckooVM
  Cuckoo running in a nested hypervisor
  ☆128Updated 4 years ago
• memoryforensics1 / VolExp
  volatility explorer
  ☆91Updated 4 years ago
• CyberMonitor / Invoke-Adversary
  Simulating Adversary Operations
  ☆93Updated 7 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• claroty / CVE2020-0796
  CVE2020-0796 SMBv3 RCE
  ☆61Updated 5 years ago
• brakmic / Sinkholes
  Malware Sinkhole List in various formats
  ☆103Updated 2 years ago
• fox-it / cobaltstrike-beacon-data
  Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
  ☆125Updated 3 years ago
• 0xrawsec / gene
  Signature engine for all your logs
  ☆167Updated last year
• MISP / evtx-toolkit
  Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream
  ☆11Updated 4 years ago
• mandiant / goauditparser
  ☆44Updated last year
• FixTheExchange / Invoke-ExchangeWebShellHunter
  PowerShell script for hunting webshells on Microsoft Exchange Servers.
  ☆56Updated 8 years ago
• sapphirex00 / Threat-Hunting
  Personal compilation of APT malware from whitepaper releases, documents and own research
  ☆261Updated 6 years ago