{"payload":{"pageCount":2,"repositories":[{"type":"Public","name":"minusone","owner":"airbus-cert","isFork":false,"description":"Script deobfuscator","allTopics":[],"primaryLanguage":{"name":"Rust","color":"#dea584"},"pullRequestCount":0,"issueCount":0,"starsCount":11,"forksCount":0,"license":"MIT License","participation":[0,0,0,0,0,0,3,10,0,0,0,4,3,1,5,2,2,6,4,15,0,3,5,0,2,4,0,0,0,0,0,0,0,0,0,0,0,0,2,0,1,0,0,0,0,6,0,0,0,0,6,4],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-07T09:16:14.620Z"}},{"type":"Public","name":"tree-sitter-powershell","owner":"airbus-cert","isFork":false,"description":"Powershell grammar for tree-sitter","allTopics":[],"primaryLanguage":{"name":"C","color":"#555555"},"pullRequestCount":2,"issueCount":1,"starsCount":19,"forksCount":3,"license":"MIT License","participation":[0,0,0,0,0,0,5,0,0,0,0,4,3,0,2,1,0,4,6,6,0,1,1,0,3,4,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-30T15:56:45.860Z"}},{"type":"Public","name":"vbSparkle","owner":"airbus-cert","isFork":false,"description":"VBScript & VBA source-to-source deobfuscator with partial-evaluation","allTopics":[],"primaryLanguage":{"name":"C#","color":"#178600"},"pullRequestCount":1,"issueCount":1,"starsCount":68,"forksCount":10,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-17T13:34:37.829Z"}},{"type":"Public","name":"CVE-2024-4040","owner":"airbus-cert","isFork":false,"description":"Scanner for CVE-2024-4040","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":47,"forksCount":8,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-17T06:48:43.188Z"}},{"type":"Public","name":"ttddbg","owner":"airbus-cert","isFork":false,"description":"Time Travel Debugging IDA plugin","allTopics":["debugging","reverse-engineering","ida"],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":2,"issueCount":5,"starsCount":548,"forksCount":37,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-03T10:44:04.243Z"}},{"type":"Public","name":"timeliner","owner":"airbus-cert","isFork":false,"description":"A rewrite of mactime, a bodyfile reader","allTopics":["forensics","dfir","mactime","bodyfile"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":0,"starsCount":32,"forksCount":6,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-12-19T16:06:56.498Z"}},{"type":"Public","name":"usnrs","owner":"airbus-cert","isFork":false,"description":"USN Journal parsing software and library","allTopics":[],"primaryLanguage":{"name":"Rust","color":"#dea584"},"pullRequestCount":0,"issueCount":2,"starsCount":5,"forksCount":0,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-10-19T13:14:11.883Z"}},{"type":"Public","name":"regrippy","owner":"airbus-cert","isFork":false,"description":"A modern Python-3-based alternative to RegRipper","allTopics":["python","windows","registry","forensics","dfir"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":1,"starsCount":177,"forksCount":17,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-10-16T14:25:02.255Z"}},{"type":"Public","name":"tree-sitter","owner":"airbus-cert","isFork":true,"description":"An incremental parsing system for programming tools","allTopics":[],"primaryLanguage":{"name":"Rust","color":"#dea584"},"pullRequestCount":0,"issueCount":0,"starsCount":2,"forksCount":1231,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-10-05T07:44:24.560Z"}},{"type":"Public","name":"skyblue.team","owner":"airbus-cert","isFork":false,"description":"Our website","allTopics":[],"primaryLanguage":{"name":"CSS","color":"#563d7c"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-08-25T07:53:40.896Z"}},{"type":"Public","name":"bodyfile","owner":"airbus-cert","isFork":false,"description":"A bodyfile parsing library","allTopics":["golang","forensics","dfir","mactime","bodyfile"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":0,"starsCount":2,"forksCount":1,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-08-21T15:25:35.256Z"}},{"type":"Public","name":"ttd2mdmp","owner":"airbus-cert","isFork":false,"description":"Extract data of TTD trace file to a minidump","allTopics":[],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":2,"starsCount":27,"forksCount":1,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-07-31T07:57:20.199Z"}},{"type":"Public","name":"comida","owner":"airbus-cert","isFork":false,"description":"An IDA Plugin that help analyzing module that use COM","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":2,"starsCount":196,"forksCount":24,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-07-27T09:01:02.927Z"}},{"type":"Public","name":"yara-ttd","owner":"airbus-cert","isFork":false,"description":"Use YARA rules on Time Travel Debugging traces","allTopics":[],"primaryLanguage":{"name":"C","color":"#555555"},"pullRequestCount":1,"issueCount":3,"starsCount":85,"forksCount":13,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-07-11T13:31:14.953Z"}},{"type":"Public","name":"dnYara","owner":"airbus-cert","isFork":false,"description":"A multi-platform .Net wrapper library for the native Yara library. ","allTopics":[],"primaryLanguage":{"name":"C#","color":"#178600"},"pullRequestCount":1,"issueCount":5,"starsCount":33,"forksCount":11,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-06-30T13:22:13.376Z"}},{"type":"Public","name":"SysmonForLinux","owner":"airbus-cert","isFork":true,"description":"","allTopics":[],"primaryLanguage":{"name":"C","color":"#555555"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":178,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-06-27T13:34:30.571Z"}},{"type":"Public","name":"SysmonCommon","owner":"airbus-cert","isFork":true,"description":"The common parts of the Sysinternals Sysmon tool shared between the Windows and Linux versions.","allTopics":[],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":15,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-06-27T13:34:07.642Z"}},{"type":"Public","name":"ttd-bindings","owner":"airbus-cert","isFork":true,"description":"Bindings for Microsoft WinDBG TTD","allTopics":[],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":31,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-03-29T12:31:32.545Z"}},{"type":"Public","name":"MISP","owner":"airbus-cert","isFork":true,"description":"MISP (core software) - Open Source Threat Intelligence Platform (formely known as Malware Information Sharing Platform)","allTopics":[],"primaryLanguage":{"name":"PHP","color":"#4F5D95"},"pullRequestCount":0,"issueCount":0,"starsCount":4,"forksCount":1350,"license":"GNU Affero General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-10-14T11:59:10.554Z"}},{"type":"Public","name":"Yagi","owner":"airbus-cert","isFork":false,"description":"Yet Another Ghidra Integration for IDA","allTopics":["ida-plugin","decompiler","reverse-engineering","disassembler","ghidra"],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":8,"starsCount":469,"forksCount":38,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-08-04T15:01:49.414Z"}},{"type":"Public","name":"etwbreaker","owner":"airbus-cert","isFork":false,"description":"An IDA plugin to deal with Event Tracing for Windows (ETW)","allTopics":["ida","etw"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":52,"forksCount":20,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-07-08T09:20:29.059Z"}},{"type":"Public","name":"dirtypipe-ebpf_detection","owner":"airbus-cert","isFork":false,"description":"An eBPF detection program for CVE-2022-0847","allTopics":[],"primaryLanguage":{"name":"C","color":"#555555"},"pullRequestCount":0,"issueCount":0,"starsCount":26,"forksCount":3,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-07-05T14:25:46.642Z"}},{"type":"Public","name":"awesome-ida-x64-olly-plugin","owner":"airbus-cert","isFork":true,"description":"A curated list of IDA x64DBG, Ghidra and OllyDBG plugins. ","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":146,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-06-10T12:31:40.662Z"}},{"type":"Public","name":"dnMisp","owner":"airbus-cert","isFork":false,"description":"dnMisp is a simple, MISP Rest API consumer .Net Standard 2.0 library.","allTopics":[],"primaryLanguage":{"name":"C#","color":"#178600"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-05-25T14:38:57.906Z"}},{"type":"Public","name":"ntTraceControl","owner":"airbus-cert","isFork":false,"description":"Powershell Event Tracing Toolbox","allTopics":["security","powershell","threat-hunting"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":0,"issueCount":0,"starsCount":71,"forksCount":9,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-03-21T20:05:09.018Z"}},{"type":"Public","name":"Winshark","owner":"airbus-cert","isFork":false,"description":"A wireshark plugin to instrument ETW","allTopics":["pcap","wireshark","etw"],"primaryLanguage":{"name":"Lua","color":"#000080"},"pullRequestCount":0,"issueCount":3,"starsCount":520,"forksCount":57,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-01-28T08:44:25.304Z"}},{"type":"Public","name":"libpcap","owner":"airbus-cert","isFork":true,"description":"the LIBpcap interface to various kernel packet capture mechanism","allTopics":[],"primaryLanguage":{"name":"C","color":"#555555"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":819,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-01-27T17:39:55.554Z"}},{"type":"Public","name":"ghidra","owner":"airbus-cert","isFork":true,"description":"Ghidra is a software reverse engineering (SRE) framework","allTopics":[],"primaryLanguage":{"name":"Java","color":"#b07219"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":5615,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2021-12-20T12:37:58.490Z"}},{"type":"Public","name":"Invoke-Bof","owner":"airbus-cert","isFork":false,"description":"Load any Beacon Object File using Powershell!","allTopics":["powershell","cobalt-strike"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":0,"issueCount":0,"starsCount":245,"forksCount":32,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2021-12-09T15:10:41.494Z"}},{"type":"Public","name":"splunk_antlr_spl","owner":"airbus-cert","isFork":true,"description":"","allTopics":[],"primaryLanguage":{"name":"ANTLR","color":"#9DC3FF"},"pullRequestCount":0,"issueCount":0,"starsCount":4,"forksCount":14,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2021-03-31T17:36:53.337Z"}}],"repositoryCount":41,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"Repositories"}