Repositories list
59 repositories
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types
- Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting, designed for intel and malware analysts as well as threat hunters to get up and running quickly.
ARDvark (Public archive)
- Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.
FIDL (Public archive)
OfficePurge (Public archive)
ShimCacheParser (Public archive)
flare-gsoc-2023 (Public archive)
vbScript_deobfuscator (Public archive)
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.