In-depth analysis of real-world attacks and threat tactics
YMCA is a tool designed for threat hunters, incident responders, and security analysts to visually present the correspondences between a YARA ruleset and a collection of samples, focusing exclusively on the strings section of the rules. To use, download and run the standalone binary on Linux or Windows, then access it via localhost:4449. Use cases include gaining a complete view of the coverage of a new rule and reviewing the accuracy of an existing rule at the start of a new campaign.
In-depth analysis of real-world attacks and threat tactics
Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.
Modular Threat Hunting Tool & Framework
Dataplane.org is a nonprofit organization providing free data, tools, and analysis to increase awareness of Internet trends, anomalies, threats, and misconfigurations.
A repository of cybersecurity datasets and tools curated by @sooshie.
C# wrapper around Yara pattern matching library with Loki and Yara signature support.