Repository containing IoCs related to Volexity's threat intelligence blog posts and tools.
yarAnalyzer creates statistics on a YARA rule set and the files in a sample directory. Place some signatures with the .yar extension in the 'signatures' folder, then run yarAnalyzer on a sample directory, for example: yarAnalyzer.py -p /sample/path -s /signatures. It generates two tables as command line output and two CSV files (yaranalyzer_file_stats.csv, yaranalyzer_rule_stats.csv). A new feature is inventory creation: yarAnalyzer.py --inventory -s /signatures. This creates a CSV file named yara-rule-inventory.csv (the default; set with '-o') with information about the initialized rules (Rule File;Rule Name;Description;Reference).
MISP is an open source threat intelligence platform that enhances threat information sharing and analysis.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
Free intelligence feeds for cybersecurity professionals to stay informed about emerging threats and trends.
Scan files with Yara, match findings to VirusTotal comments.