An ICAP Server with yara scanner for URL and content.
updated at Sept. 24, 2024, 6:46 p.m.
Pure Python parser for classic Windows Event Log files (.evt)
updated at Sept. 24, 2024, 6:49 p.m.
Malware/IOC ingestion and processing engine
updated at Oct. 1, 2024, 7:29 p.m.
BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
updated at Oct. 2, 2024, 9:09 a.m.
Pythonic interface to the Internet Storm Center / DShield API.
updated at Oct. 3, 2024, 5:11 a.m.
Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc.
updated at Oct. 3, 2024, 5:11 a.m.
A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.
updated at Oct. 3, 2024, 5:11 a.m.
ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a set of Google Custom Search Engines.
updated at Oct. 3, 2024, 5:11 a.m.
A framework for receiving and redistributing abuse feeds
updated at Oct. 3, 2024, 5:12 a.m.
A modular Python application to collect intelligence for malicious hosts.
updated at Oct. 3, 2024, 5:12 a.m.
Analyze web-based network traffic 🕶 to detect central command and control servers
updated at Oct. 3, 2024, 5:12 a.m.
A modular Python application to pull intelligence about malicious files
updated at Oct. 3, 2024, 5:12 a.m.
A Python library to interface with a cuckoo-modified instance
updated at Oct. 3, 2024, 5:12 a.m.
A Python library and command line tools to provide interactive log visualization.
updated at Oct. 3, 2024, 5:12 a.m.