Factual Rules Generator
Factual Rules Generator is an open source project that generates YARA rules about installed software from a running operating system. The software aims to use a set of rules against collected digital forensic evidences to find installed software efficiently. It can be used to baseline known software from Windows systems and create rules for identifying similar installations on other systems. Dependencies include pefile, psutil, ndjson, python-tlsh, PyInstaller, ssdeep, and additional tools like xxd and curl.
FEATURES
ALTERNATIVES
A binary analysis platform for analyzing binary programs
A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
A simple Golang application for storing NIST National Software Reference Library Reference Data Set (NSRL RDS) with md5 and sha1 hash lookup searches.
Comprehensive suite for advanced file analysis and software supply chain security.
Windows anti-forensics USB monitoring tool with the ability to shutdown the computer upon detecting the unplugging of a specified USB device.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.