InQuest's repositories
awesome-yara
A curated list of awesome YARA rules, tools, and people.
malware-samples
A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
ThreatIngestor
Extract and aggregate threat intelligence.
iocextract
Defanged Indicator of Compromise (IOC) Extractor.
yara-rules
A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
sandboxapi
Minimal, consistent Python API for building integrations with malware sandboxes.
yara-rules-vt
Collection of YARA rules designed for usage through VirusTotal.com.
python-inquestlabs
A Pythonic interface and command line tool for interacting with the InQuest Labs API.
PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
malware_lure
Collection of Malware Lures
python-threatkb
Python library and command-line tool for InQuest ThreatKB. (pre-release)
MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
ransomware_notes
An archive of ransomware notes past and present
cyberchef-recipes
A list of cyber-chef recipes and curated links
inquest-labs-community-rules
This repository houses a collection of community-submitted YARA rules that run atop labs.inquest.net.
malwoverview
Malwoverview is a first response tool used for threat hunting. It offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, and InQuest, and it is able to scan Android devices against VT.
md-insights-client-api
API client for MetaDefender InSights threat intelligence feeds
restringer
A JavaScript Deobfuscator