youhgo / DOPP
DFIR ORC PARSER PROJECT
☆10, updated last week
Related projects
Alternatives and complementary repositories for DOPP
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them (☆25, updated last month)
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn… (☆30, updated 3 months ago)
- USB Scanning device (☆20, updated 4 months ago)
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… (☆49, updated 5 months ago)
- Website for ail-typo-squatting library (☆53, updated 5 months ago)
- Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance. (☆16, updated last year)
- A web scraper to create MISP events and reports (☆14, updated last year)
- MalStatWare automates malware analysis with Python. Extract key details like file size, type, hash, path, and digital signature. It analy… (☆29, updated 6 months ago)
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man's SOC. (☆49, updated 3 weeks ago)
- Statistical learning algorithm for building a model of the command lines found in "Process Creation" events, … (☆78, updated 8 months ago)
- Search Engines ADs scanner - spotting malvertising in search engines has never been easier! (☆35, updated 4 months ago)
- C2 Active Scanner (☆47, updated 4 months ago)
- The core backend server handling API requests and task management (☆31, updated this week)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… (☆110, updated 7 months ago)
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation (☆66, updated this week)
- Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports (☆39, updated this week)
- Track C2 servers, tools, and botnets over time by framework and location (☆36, updated last year)
- (no description) (☆82, updated 2 months ago)
- AIL project training materials (☆24, updated 2 months ago)
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… (☆139, updated last month)
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP (☆31, updated last year)
- A zero dependency and customizable Python library for scanning Windows and Linux process memory. (☆62, updated 9 months ago)
- Detection Engineering with YARA (☆85, updated 10 months ago)
- Summarize CTI reports with OpenAI (☆13, updated this week)
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use. (☆48, updated 8 months ago)
- A home for detection content developed by the delivr.to team (☆59, updated 2 months ago)
- A proof-of-concept re-assembler for reverse VNC traffic. (☆25, updated last year)
- DEFCON 31 slide deck and video link (☆58, updated 4 months ago)
- Dissect triage script for Citrix NetScaler devices (☆22, updated 4 months ago)