wagga40 / Zircolite-Rules
Sigma rules converted for direct use with Zircolite
☆13Updated last week
Alternatives and similar repositories for Zircolite-Rules:
Users that are interested in Zircolite-Rules are comparing it to the libraries listed below
- Bring Your Own Mitre Att&ck © Matrix !☆13Updated last year
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 2 months ago
- Can you pay the ransom in your country?☆14Updated last year
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Updated 4 years ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- Yara rules☆21Updated 2 years ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Updated last year
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆34Updated 3 years ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆26Updated 2 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Updated 2 months ago
- Scripts and lists to help generate YARA friendly string mutations☆21Updated 2 years ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …☆13Updated 2 years ago
- ☆14Updated 2 years ago
- An experimental Velociraptor implementation using cloud infrastructure☆25Updated this week
- ☆20Updated last month
- Logbook for Digital Forensics and Incident Response☆50Updated 9 months ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆26Updated 2 years ago
- Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.☆31Updated last year
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 3 years ago
- Collection of scripts used to analyse malware or emails☆19Updated 4 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated 11 months ago
- unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Andro…☆35Updated 3 months ago
- Converting data from services like Censys and Shodan to a common data model☆49Updated 7 months ago
- Public tools, scripts or code snippets that can help when working with our products☆46Updated 2 months ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year