vmware-samples / tau-research

The project will serve as a central repository for VMware Threat Analysis Unit (TAU) to share threat intelligence with the security community, such as threat indicators of compromises (IoCs) and the corresponding scripts/tools TAU developed to extract the IoCs. The IoCs are typically used/discussed in TAU's published research papers such as repo…

☆16

Related projects ⓘ

Alternatives and complementary repositories for tau-research

RustyNoob-619 / 100-Days-of-YARA-2024
☆19Updated 7 months ago
matthw / malware_analysis
☆18Updated 7 months ago
RedTeamOperations / Detecting-Adversarial-Tradecrafts-Tools-by-leveraging-ETW
CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"
☆46Updated 2 years ago
michael2to3 / c2-search-netlas
Search for c2 servers based on netlas
☆39Updated last year
lasq88 / MalwareAnalysis
Malware Analysis tools
☆25Updated 2 months ago
SIFalcon / Detection
☆21Updated last year
Immersive-Labs-Sec / BruteRatel-DetectionTools
A collection of Tools and Rules for decoding Brute Ratel C4 badgers
☆62Updated 2 years ago
LOFL-Project / LOFLCAB
☆50Updated 7 months ago
AhmedKamal1432 / Evilize
Triaging Windows event logs based on SANS Poster
☆37Updated last year
StrikeReady-Inc / samples
shared samples from #dailyphish and/or #apt tweets
☆35Updated this week
JPCERTCC / CobaltStrike-Config
Repository for archiving Cobalt Strike configuration
☆28Updated this week
eremit4 / cs-discovery
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
☆20Updated 3 months ago
jstrosch / subparse
Modular malware analysis artifact collection and correlation framework
☆52Updated 6 months ago
elastic / siglearn
Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"
☆16Updated 3 years ago
fkie-cad / amides
An Adaptive Misuse Detection System
☆29Updated 2 weeks ago
SevenStones / auditpolCIS
CIS Benchmark testing of Windows SIEM configuration
☆43Updated last year
sketchymoose / workslikeaJARM
Method of finding interesting domains using keywords + JARMs
☆13Updated last year
0x534a / dynmx
Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
☆82Updated last year
patrickhener / invictus
OSED Practice binary
☆24Updated 11 months ago
sneakid / DC30-PhineasTalk
Slides for the talk we presented as UniPi at DefCon's Red Team Village
☆23Updated 2 years ago
RedTeamOperations / GCPTokenReuse
☆17Updated last year
georgi-i / winevt_logs_analysis
Searching .evtx logs for remote connections
☆23Updated last year
mhaskar / DNSKeyGen
A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.
☆39Updated last year
FarghlyMal / Config-Extractors
☆27Updated 3 months ago
mr-r3b00t / NotProxyShellHunter
Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082
☆25Updated 2 years ago
SafeBreach-Labs / CortexVortex
☆72Updated 6 months ago
hasherezade / pesieve-go
Golang bindings for PE-sieve
☆40Updated last year
brokensound77 / LoFP
Living off the False Positive!
☆29Updated 2 months ago