FireEye Red Team Tool Countermeasures

Free

These rules are provided freely to the community without warranty.

In this GitHub repository you will find rules in multiple languages: Snort, Yara, ClamAV, HXIOC.

The rules are categorized and labeled into two release states:

Production: rules that are expected to perform with minimal tuning.

Supplemental: rules that are known to require further environment-specific tuning and tweaking to perform, and are often used for hunting workflows.

Please check back to this GitHub for updates to these rules.

FireEye customers can refer to the FireEye Community (community.fireeye.com) for information on how FireEye products detect these threats.

The entire risk as to quality and performance of these rules is with the users.

ALTERNATIVES

A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.

Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.

A platform providing an activity feed on exploited vulnerabilities.

A repository of freely usable Yara rules for detection systems, with automated error detection workflows.

Repository of APT-related documents and notes sorted by year.

A database of Tor exit nodes with their corresponding IP addresses and timestamps.

Taxii2 server for interacting with taxii services.

DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.