AppCompatProcessor
A tool designed to extract additional value from enterprise-wide AppCompat / AmCache data
Sysmon is a powerful tool for gaining insight into system activities and changes, allowing for investigation of incidents like users clicking on emails with links or attachments and opening macro-enabled Word documents. This tool can help in monitoring and analyzing Sysmon Event IDs related to process creation and other events.
A platform providing real-time threat intelligence streams and reports on internet-exposed assets to help organizations monitor and secure their attack surface.
A tool for extracting IOCs from various input sources and converting them into JSON format.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Check if an IP address was used as a Tor relay on a given date.
CLI tool for ThreatCrowd.org with multiple query functions.