{"payload":{"pageCount":4,"repositories":[{"type":"Public","name":"VM-Packages","owner":"mandiant","isFork":false,"description":"Chocolatey packages supporting the analysis environment projects FLARE-VM &amp; Commando VM.","allTopics":["reverse-engineering","malware-analysis","chocolatey-packages","flare"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":8,"issueCount":91,"starsCount":137,"forksCount":62,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-13T23:02:00.494Z"}},{"type":"Public","name":"flare-vm","owner":"mandiant","isFork":false,"description":"A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.","allTopics":["reverse-engineering","malware-analysis","flare"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":1,"issueCount":15,"starsCount":6365,"forksCount":900,"license":"Apache License 2.0","participation":[2,7,1,17,6,0,0,3,0,15,1,0,7,3,0,1,0,5,1,0,0,4,2,1,4,0,2,1,2,2,0,5,0,0,6,4,0,2,0,0,1,0,0,2,0,0,0,1,3,10,10,1],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-13T21:29:15.587Z"}},{"type":"Public","name":"capa","owner":"mandiant","isFork":false,"description":"The FLARE team's open-source tool to identify capabilities in executable files.","allTopics":["reverse-engineering","malware-analysis","binary-analysis","threat-intelligence"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":7,"issueCount":206,"starsCount":4088,"forksCount":512,"license":"Apache License 2.0","participation":[11,12,10,25,83,9,11,19,21,9,35,4,8,6,1,10,12,11,13,23,4,16,14,9,6,3,10,2,2,3,5,10,14,12,6,6,20,15,34,36,7,13,23,26,37,38,52,48,40,24,1,21],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-13T15:24:25.979Z"}},{"type":"Public","name":"capa-rules","owner":"mandiant","isFork":false,"description":"Standard collection of rules for capa: the tool for enumerating the capabilities of programs","allTopics":[],"primaryLanguage":null,"pullRequestCount":5,"issueCount":85,"starsCount":518,"forksCount":157,"license":"Apache License 2.0","participation":[0,2,2,27,4,5,0,1,8,14,10,4,4,2,0,3,3,3,6,0,2,2,7,5,1,0,0,0,0,0,0,5,3,0,0,3,6,3,3,0,0,0,0,0,0,4,4,7,0,0,2,4],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-13T13:04:58.950Z"}},{"type":"Public","name":"capa-testfiles","owner":"mandiant","isFork":false,"description":"Data to test capa's code and rules.","allTopics":[],"primaryLanguage":{"name":"Max","color":"#c4a79c"},"pullRequestCount":6,"issueCount":0,"starsCount":39,"forksCount":64,"license":"Apache License 2.0","participation":[1,0,0,1,3,0,0,0,1,2,1,0,0,0,0,4,1,0,0,0,1,0,0,1,1,1,1,0,3,5,2,2,0,1,0,0,8,4,3,2,0,1,0,2,0,0,11,6,0,2,2,7],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-13T12:59:31.691Z"}},{"type":"Public","name":"gocrack-ui","owner":"mandiant","isFork":false,"description":"The User Interface for GoCrack","allTopics":["fireeye-flare"],"primaryLanguage":{"name":"Vue","color":"#41b883"},"pullRequestCount":31,"issueCount":0,"starsCount":83,"forksCount":52,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-11T12:00:16.515Z"}},{"type":"Public","name":"commando-vm","owner":"mandiant","isFork":false,"description":"Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com","allTopics":["penetration-testing","red-teaming","fireeye-flare","windows"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":1,"issueCount":5,"starsCount":6884,"forksCount":1283,"license":"Apache License 2.0","participation":[0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,1,4,3,0,3,0,0,0,0,0,3],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-10T05:39:40.571Z"}},{"type":"Public","name":"flare-floss","owner":"mandiant","isFork":false,"description":"FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.","allTopics":["strings","deobfuscation","flare","gsoc-2024","malware","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":11,"issueCount":91,"starsCount":3168,"forksCount":445,"license":"Apache License 2.0","participation":[1,2,0,0,9,5,2,13,15,3,7,0,16,2,1,0,13,0,0,3,0,0,0,2,3,12,14,0,0,1,11,6,8,1,0,1,5,3,9,7,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-09T14:36:24.973Z"}},{"type":"Public","name":"shelidate","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":0,"starsCount":2,"forksCount":0,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,2,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-05T06:21:04.693Z"}},{"type":"Public","name":"macos-UnifiedLogs","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Rust","color":"#dea584"},"pullRequestCount":2,"issueCount":7,"starsCount":204,"forksCount":14,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,4,3,3,0,0,0,0,2,4,0,0,0,0,0,0,0,5,0,1,0,1,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-02T20:21:46.816Z"}},{"type":"Public","name":"Vulnerability-Disclosures","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":183,"forksCount":60,"license":null,"participation":[1,0,0,0,0,2,0,2,3,0,0,0,0,3,0,0,2,0,0,4,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,4,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-30T22:31:53.021Z"}},{"type":"Public","name":"dncil","owner":"mandiant","isFork":false,"description":"The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":6,"issueCount":2,"starsCount":133,"forksCount":14,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,6,2,2,0,0,3,0,0,0,0,0,3,0,0,2,2,1,0,1,1,0,3,0,0,1,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-26T09:26:42.933Z"}},{"type":"Public","name":"GoReSym","owner":"mandiant","isFork":false,"description":"Go symbol recovery tool","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":4,"issueCount":8,"starsCount":542,"forksCount":64,"license":"MIT License","participation":[2,0,7,9,0,0,0,2,0,0,4,0,0,0,0,0,0,0,0,0,6,0,1,0,0,0,0,0,0,0,2,0,0,2,0,0,1,0,7,0,0,0,0,0,0,1,0,1,4,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-19T16:29:48.020Z"}},{"type":"Public","name":"GeoLogonalyzer","owner":"mandiant","isFork":false,"description":"GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":4,"issueCount":5,"starsCount":195,"forksCount":59,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,1,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-12T13:38:22.591Z"}},{"type":"Public","name":"ADFSpoof","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":3,"issueCount":2,"starsCount":348,"forksCount":58,"license":"Apache License 2.0","participation":[0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-12T08:13:42.909Z"}},{"type":"Public","name":"gootloader","owner":"mandiant","isFork":false,"description":"Collection of scripts used to deobfuscate GOOTLOADER malware samples.","allTopics":["deobfuscation","gootloader"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":1,"starsCount":51,"forksCount":7,"license":"Apache License 2.0","participation":[0,4,4,0,0,4,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-26T19:03:33.624Z"}},{"type":"Public","name":"STrace","owner":"mandiant","isFork":false,"description":"A DTrace on Windows Reimplementation","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":3,"issueCount":5,"starsCount":317,"forksCount":41,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-22T18:08:23.641Z"}},{"type":"Public","name":"stringsifter","owner":"mandiant","isFork":false,"description":"A machine learning tool that ranks strings based on their relevance for malware analysis.","allTopics":["machine-learning","strings","reverse-engineering","learning-to-rank","fireeye-flare","fireeye-data-science","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":2,"issueCount":5,"starsCount":675,"forksCount":124,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-15T18:27:12.004Z"}},{"type":"Public","name":"flare-ida","owner":"mandiant","isFork":false,"description":"IDA Pro utilities from FLARE team","allTopics":["reverse-engineering","ida-pro","ida-plugin","idapython","fireeye-flare","ida"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":3,"issueCount":22,"starsCount":2197,"forksCount":463,"license":"Apache License 2.0","participation":[2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-09T17:07:53.755Z"}},{"type":"Public","name":"gocrack","owner":"mandiant","isFork":false,"description":"GoCrack is a management frontend for password cracking tools written in Go","allTopics":["fireeye-flare"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":8,"issueCount":18,"starsCount":1112,"forksCount":240,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-05T21:32:20.468Z"}},{"type":"Public","name":"PwnAuth","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":10,"issueCount":2,"starsCount":362,"forksCount":89,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-26T19:42:32.570Z"}},{"type":"Public","name":"flare-fakenet-ng","owner":"mandiant","isFork":false,"description":"FakeNet-NG - Next Generation Dynamic Network Analysis Tool","allTopics":["traffic-redirection","fakenet-ng","mandiant-flare","gsoc-2024","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":21,"issueCount":59,"starsCount":1763,"forksCount":356,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-01T05:09:02.110Z"}},{"type":"Public","name":"Ghidrathon","owner":"mandiant","isFork":false,"description":"The FLARE team's open-source extension to add Python 3 scripting to Ghidra.","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"Java","color":"#b07219"},"pullRequestCount":2,"issueCount":16,"starsCount":687,"forksCount":54,"license":"Apache License 2.0","participation":[0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,12,0,0,2,0,0,0,0,0,0,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-08T19:29:24.034Z"}},{"type":"Public","name":"speakeasy","owner":"mandiant","isFork":false,"description":"Windows kernel and user mode emulation.","allTopics":["emulation","gsoc-2023","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":3,"issueCount":36,"starsCount":1469,"forksCount":228,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-12T05:04:33.443Z"}},{"type":"Public","name":"gocat","owner":"mandiant","isFork":false,"description":"Provides access to libhashcat","allTopics":["fireeye-flare"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":4,"issueCount":1,"starsCount":29,"forksCount":23,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-06T11:45:39.931Z"}},{"type":"Public","name":"ccmpwn","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":175,"forksCount":21,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,3,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-26T20:51:27.562Z"}},{"type":"Public","name":"red_team_tool_countermeasures","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"YARA","color":"#220000"},"pullRequestCount":1,"issueCount":2,"starsCount":2642,"forksCount":846,"license":"BSD 2-Clause \"Simplified\" License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-05T10:19:46.866Z"}},{"type":"Public","name":"flare-gsoc-2024","owner":"mandiant","isFork":false,"description":"Supporting resources and documentation for FLARE @ Google Summer of Code 2024","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":15,"forksCount":1,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,6,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-02-12T16:36:17.283Z"}},{"type":"Public","name":"flare-floss-testfiles","owner":"mandiant","isFork":false,"description":"Resources for testing FLOSS by the FLARE team.","allTopics":[],"primaryLanguage":{"name":"C","color":"#555555"},"pullRequestCount":0,"issueCount":0,"starsCount":7,"forksCount":19,"license":null,"participation":[0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-02-05T09:33:52.197Z"}},{"type":"Public","name":"citrix-ioc-scanner-cve-2023-3519","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Shell","color":"#89e051"},"pullRequestCount":0,"issueCount":4,"starsCount":65,"forksCount":3,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-09-01T19:14:30.147Z"}}],"repositoryCount":93,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"mandiant repositories"}