Binary Defense

All

25 repositories

ARC-Labs-ML-Starter-Kit
Public
Jupyter Notebook
•0•5•0•0•Updated Sep 9, 2024Sep 9, 2024
ARC-Labs-Hunting-Queries
Public
0•3•0•0•Updated Jul 8, 2024Jul 8, 2024
auto-ossec
Public
Python
•46•139•2•0•Updated May 24, 2024May 24, 2024
HiddenTaskHunter
Public
PowerShell
•1•3•0•0•Updated Apr 5, 2024Apr 5, 2024
YaraMemoryScanner
Public
Simple PowerShell script to enable process scanning with Yara.
PowerShell
•
GNU General Public License v3.0
•20•87•0•1•Updated Oct 4, 2022Oct 4, 2022
OTX-Microsoft-Logic-App
Public
Microsoft Logic App for consuming Open Threat Exchange (OTX) data in Microsoft Sentinel / Log Analytics Workspace
MIT License
•0•2•0•0•Updated Sep 15, 2022Sep 15, 2022
GhidraRustDependenciesExtractor
Public
Ghidra script for extracting embedded Rust crate dependency strings from a compiled Rust binary
Python
•3•26•0•0•Updated Aug 9, 2022Aug 9, 2022
community-threats
Public
A place to share attack chains for testing people, process, and technology with the entire community. The largest, public library of adversary emulation and adversary simulation plans! #ThreatThursday
PowerShell
•
MIT License
•90•4•0•0•Updated Jul 27, 2022Jul 27, 2022
decloaker
Public
A script that attempts to decloak symbiote activity, and some other LD_PRELOAD activity
Shell
•0•2•0•0•Updated Jun 26, 2022Jun 26, 2022
sigma
Public
Generic Signature Format for SIEM Systems
Python
•
Other
•2.2k•3•0•0•Updated Jun 10, 2022Jun 10, 2022
ThreatHuntingJupyterNotebooks
Public
Jupyter Notebook
•10•58•1•0•Updated May 13, 2022May 13, 2022
glyph-hunter
Public
Python Flask web app that checks names for potential homoglyph characteristics and reports results in json format
Python
•
MIT License
•2•3•0•0•Updated Apr 21, 2022Apr 21, 2022
borat-rat-plugin-emulators
Public
.Net Libraries (DLLs) re-written from scratch that emulate the functionality of Borat RAT for defese testing purposes
C#
•
MIT License
•0•2•0•0•Updated Apr 14, 2022Apr 14, 2022
beacon-fronting
Public
A simple command line program to help defender test their detections for network beacon patterns and domain fronting
Go
•
MIT License
•11•66•0•0•Updated Feb 3, 2022Feb 3, 2022
artillery
Public
The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.
Python
•292•1k•22•2•Updated Jan 6, 2022Jan 6, 2022
log4j-honeypot-flask
Public
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228
Python
•24•147•1•0•Updated Dec 20, 2021Dec 20, 2021
mining-pools
Public
List of mining pool domain names for use in detection logic
1•2•0•0•Updated Dec 20, 2021Dec 20, 2021
RPCFirewall-LogParsers
Public
0•1•0•0•Updated Nov 10, 2021Nov 10, 2021
sysmon-modular
Public
A repository of sysmon configuration modules
PowerShell
•
MIT License
•588•5•0•0•Updated Jun 30, 2021Jun 30, 2021
BinaryDefense.FSharp.Analyzers
Public
Security analyzers for the FSharp (F#) language
F#
•
MIT License
•4•37•1•0•Updated May 24, 2021May 24, 2021
IcedDecrypt
Public
IcedID Decryption Tool
Python
•4•27•0•0•Updated May 7, 2021May 7, 2021
BinaryDefense.Junit.Expecto.TestLogger
Public
testing expecto fsharp junit test-reporting test-report
F#
•
MIT License
•0•0•0•0•Updated Jan 29, 2021Jan 29, 2021
BinaryDefense.github.io
Public
0•0•0•0•Updated Jan 8, 2021Jan 8, 2021
JsonWrapper
Public
A Myriad plugin for generating statically typed lossless wrappers around JToken given a schema.
F#
•
MIT License
•2•15•2•0•Updated Jul 1, 2020Jul 1, 2020
goatrider
Public
GoatRider is a simple tool that will dynamically pull down Artillery Threat Intelligence Feeds, TOR, AlienVaults OTX, and the Alexa top 1 million websites and do a comparison to a hostname file or IP file.
Python
•
Other
•40•137•2•1•Updated Nov 26, 2018Nov 26, 2018