Frankfurt, Germany

Florian Roth

Elite
@Neo23x0

#DFIR #Sigma #YARA #Rust #Python #Go

Loki. Loki - Simple IOC and YARA Scanner

3.8k

signature-base. YARA signature and IOC database for my scanners and tools

3k

auditd. Best Practice Auditd Configuration

1.9k

yarGen. yarGen is a generator for YARA rules

1.8k

Raccine. A Simple Ransomware Vaccine

980

munin. Online hash checker for Virustotal and other services

853

Fenrir. Simple Bash IOC Scanner

776

log4shell-detector. Detector for Log4Shell exploitation attempts

725

yarAnalyzer. Yara Rule Analyzer and Statistics

396

Loki-RS. 🐍 High-performance, multi-threaded YARA & IOC scanner

340

vti-dorks. Awesome VirusTotal Intelligence Search Queries

334

Fnord. Pattern Extractor for Obfuscated Code

303

BlueLedger. A list of my personal projects

178

YARA-Performance-Guidelines. A guide on how to write fast and memory friendly YARA rules

172

DLLRunner. Smart DLL execution for malware analysis in sandbox systems

145

god-mode-rules. God Mode Detection Rules

135

yaraQA. YARA rule analyzer to improve rule quality and performance

117

evt2sigma. Log Entry to Sigma Rule Converter

107

ImpHash-Generator. PE Import Hash Generator

79

Cyber-Search-Shortcuts. Browser Shortcuts for Cyber Security Related Online Services

78

exotron. Sandbox feature upgrade with the help of wrapped samples

76

YARA-Style-Guide. A specification and style guide for YARA rules

74

tiny-shells. All kinds of tiny shells

65

radiocarbon. Leak File Analyzer

63

Rewind. Immediate Virus Infection Counter Measures

63

Talks. Slides of my public talks

63

panopticon. A YARA Rule Performance Measurement Tool

63

LOLSecIssues. Cybersecurity's lighter side: a collection of the most amusing misunderstandings and missteps from newcomers to offensive security tools. A repository where naiveté in infosec is met with humor.

58

ti-falsepositives. A collection of typical false positive indicators

56

xorex. XOR Key Extractor

51

webshell-intel. Scan web server for known webshell names and responses

49

cyber-chef-recipes. Recipes for GCHQ's CyberChef Web App

40

littlesnitch-log-exporter. LittleSnitch Log Statistics Exporter

35

sysmon-version-history. An Inofficial Sysmon Version History (Change Log)

33

awesome-yara. A curated list of awesome YARA rules, tools, and people.

33

ThreatResearch-Reporting-Guide. Offensive Research Guide to Help Defense Improve Detection

31

SkeletonKeyScanner. Scanner for the SkeletonKey Malware

30

prisma. Command Line STDOUT Colorer

30

ReginScanner. Scanner for Regin Virtual Filesystems

25

atomic-threat-coverage. Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.

23

BlueTeam-Tools. Tools and Techniques for Blue Team / Incident Response

23

space-id. Invisible Watermarks with Space Characters in ASCII Files

21

IRNotes. Some IR notes

17

neolog. Windows Syslog Command Line Client

16

narsil. Spy Agency Teasing

14

YARA-rules. Some YARA rules i will add from time to time

12

malware-signatures. Yara rules for malware families seen as part of targeted threats project

11

ssh-auditor. The best way to scan for weak ssh passwords on your network

10

defensive-project-ideas. Ideas for projects for defensive research or blue teaming

10

rules. Repository of yara rules

10

BlockWindows. Stop Windows 10 Nagging and Spying. Works with Win7-10

9

ATTACK-Python-Client. Python Script to access ATT&CK content available in STIX via a public TAXII server

6

windows-privesc-check. Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems

6

nmap-nse-scripts. My collection of nmap NSE scripts

6
54
Apply