radizzle's Projects
ATT&CK Remote Threat Hunting Incident Response
A curated list of KAPE-related resources
A primitive USB patcher for installing macOS Big Sur on unsupported Macs
Firmware Analysis Tool
Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries
Tools and Techniques for Blue Team / Incident Response
It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and adds scanners for record carving
The FLARE team's open-source tool to identify capabilities in executable files.
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
Data to test capa's code and rules.
Rapidly Search and Hunt through Windows Event Logs
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution.
Detection in the form of Yara, Snort and ClamAV signatures.
Detect Tactics, Techniques & Combat Threats
Cuckoo Sandbox Dockerfile
Ghidra Client/Server Docker Image
NSRL Whitelist Dockerfile
Splunk Docker GitHub Repository
Volatility Dockerfile
Yara Dockerfile
Windows Events Attack Samples
FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.
A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.
This repository houses a collection of community submitted YARA rules that run atop of labs.inquest.net
Repository with selected IOCs and YARA rules for threat hunting.
File and analysis artifacts yara matcher for Karton framework
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Indicators of Compromise (IOCs) of our various investigations
🖼️ A command-line system information tool written in bash 3.2+
NSE script based on Vulners.com API