Script auto generate rules with IOC
Updated Oct 28, 2018 - Python
Bunch of scripts helping to investigate smishing URLs
Pcap analyser that uses a REST API for IP/URL reputation and also for obtaining URLs
Insight aids in profiling a host by searching several online services for information about an IP or domain name.
Calculate threat levels based on Capability, Opportunity, Intent ratings
Open Domestic Threat Scanner - LLM Threat-Intelligence
To extract the usernames attempted by a compromised host. This information is obtained from the comments on Abuse IP DB reports.
USB threat evaluation framework for Linux
DiaLog is a powerful log file analyzer that can also do passive analysis of malicious IPs found in web-server traffic
A proof of concept AWS Lambda Python 3.7 runtime that takes Amazon S3 objects, evaluates against file magic MIME types, and will check existing SHA256 hashes or upload the file to VirusTotal using an API key. The API key is retrieved using security best practices with AWS Secrets Manager cached to reduce API overhead.
Distrace is a collection of Python scripts that are designed to assist in tracking, analysing, and disrupting malware campaigns that utilise Discord for command & control (C2).
A Python script to generate MITRE ATT&CK Navigator layers from TTPs
A graph database for components, vulnerabilities and threats powered by dgraph
This Discord bot is designed to provide file scanning functionality using the VirusTotal API to check for viruses and other malware in attachments uploaded to a Discord channel.
ip: (the) i(nternet is) p(robably down)
Programmatically find relationships between a list of strings using Google.
A set of transformations for indicators-pulses
Simple tool that you can use to collect relevant data from Portable Executable (PE) files that can be used for intel during a line of research related to malware.
Map and visualize SSH logins from sensors.