Repository of yara rules

APT & CyberCriminal Campaign Collection

YARA signature and IOC database for my scanners and tools

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

All-in-One malware analysis tool.

Indicators of Compromises (IOC) of our various investigations

Living Off The Land Drivers

Elastic Security detection content for Endpoint

A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabil…

Awesome Security lists for SOC/CERT/CTI

Scripts for the Ghidra software reverse engineering suite.

A static analyzer for PE executables.

Guidance for mitigation web shells. #nsacyber

Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory t…

ReversingLabs YARA Rules

Sophos-originated indicators-of-compromise from published reports

#supply #chain #attack #detection

D-Eyes为M-SEC社区一款检测与响应工具

Repository of YARA rules made by Trellix ATR Team

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

Tools for hunting for threats.

whohk，linux下一款强大的应急响应工具 在linux下的应急响应往往需要通过繁琐的命令行来查看各个点的情况，有的时候还需要做一些格式处理，这对于linux下命令不是很熟悉的人比较不友好。本工具将linux下应急响应中常用的一些操作给集合了起来，并处理成了较为友好的格式，只需要通过一个参数就能代替繁琐复杂的命令来实现对各个点的检查。

蓝队应急工具

Extracted Yara rules from Windows Defender mpavbase and mpasbase

🐺 Malware analysis platform

A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors