A tool for investigating incidents involving users clicking on emails with links or attachments and opening macro-enabled Word documents, using Sysmon.
YAYA is a tool that automatically curates open-source Yara rules and runs scans. It depends on external packages like go-git, go-yara, and gorm, as well as the yara4 C libraries. The tool provides commands for updating, editing, adding, scanning, and exporting Yara rules, and can also be run in a Docker container.
Modular Threat Hunting Tool & Framework
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
ONYPHE is a cyber defense search engine that discovers exposed assets and provides real-time monitoring to identify vulnerabilities and potential risks.
ThreatMiner is a threat intelligence portal that aggregates data from various sources and provides contextual information related to indicators of compromise (IOCs).
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.