Packet Storm
Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.
AppCompatProcessor has been designed to extract additional value from enterprise-wide AppCompat / AmCache data beyond the classic stacking and grepping techniques.

Note: Windows platform support has been temporarily removed (expect to see it back shortly though).

Installation:

OSX:
You need Python 2.7+, libregf and pyregf (python bindings) from https://github.com/libyal/libregf

- Option A: source distribution package from https://github.com/libyal/libregf/releases
    ./configure --enable-python && make
    sudo make install
    python setup.py build
    python setup.py install

- Option B: direct from source
    git clone https://github.com/libyal/libregf.git
    cd libregf/
    ./synclibs.sh
    ./autogen.sh
    ./configure --enable-python && make
    sudo make install
    python setup.py build
    python setup.py install

The rest of the requirements you can handle with 'pip install -r requirements.txt'.

Linux:
You need Python 2.7+ and 'sudo pip install -r requirements.txt' should take care of everything for you. If you have issues with libregf or