wagga40 / Zircolite-RulesLinks
Sigma rules converted for direct use with Zircolite
☆13Updated this week
Alternatives and similar repositories for Zircolite-Rules
Users that are interested in Zircolite-Rules are comparing it to the libraries listed below
Sorting:
- Bring Your Own Mitre Att&ck © Matrix !☆13Updated last year
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆34Updated 3 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- ☆21Updated 2 months ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Updated 3 months ago
- Collection of scripts used to analyse malware or emails☆19Updated 4 years ago
- Yara Based Detection Engine for web browsers☆47Updated 3 years ago
- Can you pay the ransom in your country?☆14Updated last year
- A web scraper to create MISP events and reports☆15Updated last month
- A MITRE ATT&CK Lookup Tool☆45Updated last year
- my MSTICpy practice and custom tools repository☆11Updated last month
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Updated 4 years ago
- Scripts and lists to help generate YARA friendly string mutations☆21Updated 2 years ago
- ShellSweeping the evil.☆52Updated 11 months ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 4 months ago
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV☆17Updated 9 months ago
- Hunt malware with Volatility☆47Updated last year
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 2 years ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …☆13Updated 2 years ago
- Quick ESXi Log Parser☆20Updated 4 months ago
- Miscellaneous Scripts☆17Updated 4 years ago
- ☆14Updated 2 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆31Updated last year
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- ☆19Updated 3 years ago