A script that web scrapes multiple webpages for known vulnerable Windows Drivers, SHA256 hashes all system drivers, looks for matching driver names and SHA256 hashes.
Updated Jun 22, 2024 - Python
Cortex XSOAR Integration for the SES EDR API at https://api.sep.securitycloud.symantec.com
An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
[benchmark] Trajectory similarity computation
Carbon Black API - Python language bindings
A script that checks for active connections to known malicious foreign IP addresses.
Analysis-oriented command line tool for remote execution and triage via EDR APIs
PyCanary: CMD line tool to monitor any directory for file access or file changes, log event, send basic alert to user, and dump and process information collected. There is also a background thread monitoring all created processes and logging them for later analysis.
a tool to help operate in EDRs' blind spots
Uses the Damerau-Levenshtein distance to find suspicious tasks running on endpoints in Windows.
Sample pipeline demo highlighting how to integrate Falcon Container Sensor into ECS Fargate Workloads
戎码之眼 (Rongma Eye) is a threat monitoring tool for Windows based on the ATT&CK model. It effectively detects common unknown and known threats. A sharp sword for defenders.
A proof-of-concept Technology Add-On for Splunk that queries and indexes alerts from Generic EDR.
Carbon Black - LastLine Binary Detonation Connector
Carbon Black - Facebook Threat Exchange Connector