AppCompatProcessor
AppCompatProcessor has been designed to extract additional value from enterprise-wide AppCompat / AmCache data beyond the classic stacking and grepping techniques. Note: Windows platform support has been temporarily removed (expect to see it back shortly though). Installation: OSX: You need Python 2.7+, libregf and pyregf (python bindings) from https://github.com/libyal/libregf -Option A Source distribution package from https://github.com/libyal/libregf/releases ./configure --enable-python && make sudo make install python setup.py build python setup.py install -Option B Direct from source git clone https://github.com/libyal/libregf.git cd libregf/ ./synclibs.sh ./autogen.sh ./configure --enable-python && make sudo make install python setup.py build python setup.py install The rest of the requirements you can handle with 'pip install -r requirements.txt'. Linux: You need Python 2.7+ and 'sudo pip install -r requirements.txt' should take care of everything for you. If you have issues with libregf or
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.
C# wrapper around Yara pattern matching library with Loki and Yara signature support.
CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.
A threat exposure management platform that monitors clear and dark web environments to detect and provide actionable intelligence on potential security threats like data leaks, credentials, and malicious actor activities.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.