A curated list of Awesome Threat Intelligence resources
updated at Nov. 16, 2024, 1:08 p.m.
Collection of almost 40.000 JavaScript malware samples
updated at Nov. 16, 2024, 11:49 a.m.
A curated list of resources related to Industrial Control System (ICS) security.
updated at Nov. 16, 2024, 8:24 a.m.
Collection of malware persistence and hunting information. Be a persistent persistence hunter!
updated at Nov. 16, 2024, 8:10 a.m.
A curated list of awesome infosec courses and training resources.
updated at Nov. 16, 2024, 8 a.m.
DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.
updated at Nov. 16, 2024, 7:34 a.m.
inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitecture-independent Virtual Machine Introspection techniques
updated at Nov. 16, 2024, 7:14 a.m.
Adversary tradecraft detection, protection, and hunting
updated at Nov. 16, 2024, 6:59 a.m.
Visualize network topologies and collect graph statistics based on pcap files
updated at Nov. 16, 2024, 2:26 a.m.
ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
updated at Nov. 15, 2024, 10:57 p.m.