mabidm-tsinghua
Type: User
Modified version of Matt Graeber's PowerShell AMSI bypass
Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
Small and highly portable detection tests based on MITRE's ATT&CK.
Python Script to access ATT&CK content available in STIX via a public TAXII server
AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on Hyper-V and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions, and various products such as AD, Exchange, PKI, IIS, etc.
Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc.). It can also break malware obfuscation such as XOR, ROL, etc. by brute-forcing the transform and checking for those patterns.
Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries
All books
Splunk Boss of the SOC version 2 dataset.
Data from a BRAWL Automated Adversary Emulation Exercise
Automated Adversary Emulation Platform
The FLARE team's open-source tool to identify capabilities in executable files.
capemon: CAPE's monitor
Cyber Analytics Repository
Clearcut is a tool that uses machine learning to help you focus on the log entries that really need manual review
Cortex: a Powerful Observable Analysis and Active Response Engine
Documentation of Cortex
The C++ Core Guidelines are a set of tried-and-true guidelines, rules, and best practices about coding in C++
CRITs - Collaborative Research Into Threats
Modified edition of cuckoo
CuckooMX is a project to automate analysis of files transmitted over SMTP (using the Cuckoo sandbox)
structured serial data library
This is the Python implementation of CICFlowMeter, which produces CSV-based flow records from a network interface or from PCAP files.
This is a script used to conditionally label/classify the flows generated by the CICFlowMeter Python implementation, given the PCAP files.
Rules for Elastic Security's detection engine
Automate the creation of a lab environment complete with security tooling and logging best practices
Data exfiltration over DNS request covert channel