Loki. Loki - Simple IOC and YARA Scanner
3.8ksignature-base. YARA signature and IOC database for my scanners and tools
3kauditd. Best Practice Auditd Configuration
1.9kyarGen. yarGen is a generator for YARA rules
1.8kRaccine. A Simple Ransomware Vaccine
980munin. Online hash checker for Virustotal and other services
853Fenrir. Simple Bash IOC Scanner
776log4shell-detector. Detector for Log4Shell exploitation attempts
725yarAnalyzer. Yara Rule Analyzer and Statistics
396Loki-RS. 🐍 High-performance, multi-threaded YARA & IOC scanner
340vti-dorks. Awesome VirusTotal Intelligence Search Queries
334Fnord. Pattern Extractor for Obfuscated Code
303BlueLedger. A list of my personal projects
178YARA-Performance-Guidelines. A guide on how to write fast and memory friendly YARA rules
172DLLRunner. Smart DLL execution for malware analysis in sandbox systems
145god-mode-rules. God Mode Detection Rules
135yaraQA. YARA rule analyzer to improve rule quality and performance
117evt2sigma. Log Entry to Sigma Rule Converter
107ImpHash-Generator. PE Import Hash Generator
79Cyber-Search-Shortcuts. Browser Shortcuts for Cyber Security Related Online Services
78exotron. Sandbox feature upgrade with the help of wrapped samples
76YARA-Style-Guide. A specification and style guide for YARA rules
74tiny-shells. All kinds of tiny shells
65radiocarbon. Leak File Analyzer
63Rewind. Immediate Virus Infection Counter Measures
63Talks. Slides of my public talks
63panopticon. A YARA Rule Performance Measurement Tool
63LOLSecIssues. Cybersecurity's lighter side: a collection of the most amusing misunderstandings and missteps from newcomers to offensive security tools. A repository where naiveté in infosec is met with humor.
58ti-falsepositives. A collection of typical false positive indicators
56xorex. XOR Key Extractor
51webshell-intel. Scan web server for known webshell names and responses
49cyber-chef-recipes. Recipes for GCHQ's CyberChef Web App
40littlesnitch-log-exporter. LittleSnitch Log Statistics Exporter
35sysmon-version-history. An Inofficial Sysmon Version History (Change Log)
33awesome-yara. A curated list of awesome YARA rules, tools, and people.
33ThreatResearch-Reporting-Guide. Offensive Research Guide to Help Defense Improve Detection
31SkeletonKeyScanner. Scanner for the SkeletonKey Malware
30prisma. Command Line STDOUT Colorer
30ReginScanner. Scanner for Regin Virtual Filesystems
25atomic-threat-coverage. Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.
23BlueTeam-Tools. Tools and Techniques for Blue Team / Incident Response
23space-id. Invisible Watermarks with Space Characters in ASCII Files
21IRNotes. Some IR notes
17neolog. Windows Syslog Command Line Client
16narsil. Spy Agency Teasing
14YARA-rules. Some YARA rules i will add from time to time
12malware-signatures. Yara rules for malware families seen as part of targeted threats project
11ssh-auditor. The best way to scan for weak ssh passwords on your network
10defensive-project-ideas. Ideas for projects for defensive research or blue teaming
10rules. Repository of yara rules
10BlockWindows. Stop Windows 10 Nagging and Spying. Works with Win7-10
9ATTACK-Python-Client. Python Script to access ATT&CK content available in STIX via a public TAXII server
6windows-privesc-check. Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems
6nmap-nse-scripts. My collection of nmap NSE scripts
6