Stars
A curated list of annual cyber security reports
Collection of example YARA-L rules for use within Google Security Operations
Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective …
A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.
Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)
A collection of Tools and Rules for decoding Brute Ratel C4 badgers
POC to replicate the full 'Follina' Office RCE vulnerability for testing purposes
Defences against Cobalt Strike
Volatility plugin that extracts configuration data from known malware
A tool to run .Net DLLs from the command line
Scripts and tools accompanying HP Threat Research blog posts and reports.
Open source pre-operation C2 server based on python and powershell
A command line tool for pstree-like output on macOS with additional pid capturing capabilities
Redress - A tool for analyzing stripped Go binaries
pefile is a Python module to read and work with PE (Portable Executable) files
JXA script for Mythic that prints the TCC.db
Utility to manipulate codesigned applications in Mac OS X. Demonstrates the use of the csops system call.
AutoMacTC: Automated Mac Forensic Triage Collector
Quick Malicious ClickOnceGenerator for Red Team
A JXA script that leverages sqlite3 API calls to add items to the user's TCC database at: ~/Library/Application Support/com.apple.TCC/TCC.db
Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens
Understanding and analyzing carrier files workshop repo