
hollows_hunter is a process scanner detecting and dumping hollowed PE modules. It uses PE-sieve (DLL version): PE-sieve is an open source tool based on libpeconv….

MalPipe is a modular malware (and indicator) collection and processing framework. It is designed to pull malware, domains, URLs and IP addresses from multiple feeds,…

ioc_report is used as a tool to automate the process of using OSINT to find indicators of compromise (IOC) to sweep your environment for. Since…

The goal of Revoke-Obfuscation research and these frameworks was to highlight the limitations of a purely signature-based approach to detecting attackers’ usage of PowerShell. The…

Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was primarily written to…

Cacador (Portuguese for hunter) is a tool for extracting common indicators of compromise from a block of text. What is an Indicator of compromise (IOC): Indicator of…

Kraut Salad is a proof of concept implementation of a cyber threat intelligence and incident management platform. The parsing component of Kraut Salad currently supports…

Beeswarm is an active IDS project that provides easy configuration, deployment and management of honeypots and clients. The system operates by luring the hacker into…