VT_RuleMGR.py | CyberSecTools

VT_RuleMGR.py

0 (0)

Miscellaneous tool for checking samples against VirusTotal. Usage: $ python VT_RuleMGR.py -h usage: VT_RuleMGR.py [-h] [--list] [--create FILE] [--delete DELETE] optional arguments: -h, --help show this help message and exit --list List names/ids of Yara rules stored on VT --create FILE Add a Yara rule to VT (File Name used as RuleName --delete DELETE Delete a Yara rule from VT (By Name) Demo:

Threat Management

Free

virus-total yara rule-management malware-analysis threat-intelligence

ALTERNATIVES

DeepBlueCLI

0 (0)

A PowerShell module for threat hunting via Windows Event Logs

Threat Management

Free

blue-team powershell event-log threat-hunting windows-event-logs event-log-analysis

YaYaGen

0 (0)

Automatic YARA rule generator based on Koodous reports with limited false positives.

Threat Management

Free

malware yara signature-generation

Yara Scanner

0 (0)

A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.

Threat Management

Free

file-scanning yara directory-scanning

FireEye IOCs

0 (0)

Repository of IOCs provided under the Apache 2.0 license

Threat Management

Free

openioc-to-stix

0 (0)

Converts OpenIOC v1.0 XML files into STIX Indicators, generating STIX v1.2 and CybOX v2.1 content.

Threat Management

Free

ioc python stix

ThreatHunting

0 (0)

A Splunk app mapped to MITRE ATT&CK to guide threat hunts.

Threat Management

Free

incident-response threat-hunting splunk mitre-attack sysmon