y3n11 / CaptainLinks
Userland API monitor for threat hunting
☆58Updated 5 years ago
Alternatives and similar repositories for Captain
Users that are interested in Captain are comparing it to the libraries listed below
Sorting:
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- ☆27Updated 3 years ago
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- Random hunting ordiented yara rules☆97Updated 2 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆44Updated 4 years ago
- This is a repository that is meant to hold detections for various process injection techniques.☆34Updated 5 years ago
- Merge all Yara rules from official Yara github repository in one .yar file☆30Updated 7 years ago
- Links to malware-related YARA rules☆15Updated 2 years ago
- Documentation and parsers for different anti-virus quarantine formats.☆42Updated 4 years ago
- ☆15Updated 3 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- A set of tools for collecting forensic information☆26Updated 5 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Updated 3 years ago
- Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.☆50Updated last year
- Manipulate timestamps on NTFS☆52Updated 10 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 3 years ago
- Code and Slides of my BSides London 2019 presentation about Attacker Emulation using CALDERA☆23Updated 6 years ago
- ☆34Updated 2 years ago
- Unpacking and decryption tools for the Emotet malware☆45Updated 3 years ago
- Standardized Malware Analysis Tool☆53Updated 4 years ago
- Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization.☆19Updated 3 years ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆85Updated 2 months ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆38Updated 2 years ago
- Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way☆18Updated 3 years ago
- Scans a malware file and lists down the related MBC (Malware Behavior Catalog) details.☆22Updated 3 years ago
- Documentation and supporting script sample for Windows Exploit Guard☆157Updated 3 years ago
- YARA rule analyzer to improve rule quality and performance☆102Updated 4 months ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 3 years ago
- Yara Rules for Modern Malware☆77Updated last year