"Evolving AppCompat/AmCache data analysis beyond grep"
created at April 2, 2017, 6:11 p.m.
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
created at March 28, 2017, 3:07 a.m.
CLI utility and Python module for analyzing log files and other data.
created at Feb. 19, 2017, 8:31 p.m.
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
created at Jan. 22, 2017, 1:10 a.m.
A Python library to interface with a cuckoo-modified instance
created at Sept. 25, 2016, 4:15 p.m.
A modular Python application to pull intelligence about malicious files
created at Aug. 30, 2016, 5:35 p.m.
A modular Python application to collect intelligence for malicious hosts.
created at Aug. 22, 2016, 8:25 p.m.
Remote Memory Acquisition Tool
created at Aug. 9, 2016, 5:39 p.m.
A framework for orchestrating forensic collection, processing and data export
created at July 29, 2016, 1:54 p.m.
Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.
created at Oct. 20, 2015, 2:03 p.m.