RandomRhythm's repositories
Vendor-Threat-Triage-Lookup
Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.
Rhythm-CB-Scripts
Collection of scripts for use with Carbon Black Cb Response API
YARA_Rules_Util
YARA duplicate rule detection and removal. YARA rule index creation. YARA rule file merger.
threatintelligenceaggregator
Threat Intelligence Aggregator API example
Web_Log_Deobfuscate
Deobfuscate various encodings that can be found in web logs.
LevelUpDomain
Takes a list of domains and outputs one unique domain structure for each unique second (or third) level domain
wEventLogSearch
Search Windows event log and output results to a text file
YARA_Rules_Project_Sorted_Ruleset
YARA rules sorted by file type from the Yara-Rules/rules repository
CombineSpreadsheets
Combine all columns from two Microsoft Excel spreadsheets into one based on matching column values
dll_loading_abuse
This repository is dedicated to documenting different library files (DLLs) susceptible to exploitation through search order hijacking, including side-loading and phantom DLLs
parse-ATTK
Trend Micro Anti-Threat Toolkit output parser
season_rename
Rename television season episodes and extras organized by disc (folders)
Vectra_Detect_API
Vectra Detect API example in Python
CBC_Vuln_Assessment
This script will take the CSV output and create a CSV with endpoints grouped by CVE and one with NVD descriptions
convertDNS
Converts DNS names to Microsoft DNS debug format. Example: google.com becomes (6)google(3)com(0)
CSV_Condense
Select key columns in the CSV to track unique values and produce a condensed output
Judge-Jury-and-Executable
File system forensics analysis and threat hunting tool. Scans file systems at the MFT and OS level and stores the results in SQL. Threats and data can be probed harnessing the power and syntax of SQL.
process_tor
Process a CSV of Tor alerts against the www.dan.me.uk/tornodes list to confirm whether the IP and port are listed.
s1_blacklist_export
SentinelOne Blacklist Export
Sort_YARA_Rules
Sort YARA Rules by File Type
Cylance_Optics_YARA
PoC YARA scanner for Cylance Optics using the .NET YARA DLL via IronPython
DnsClientCOM
COM object for performing DNS queries / lookups
nvd-cve-api
Wrapper to fetch CVE information from NVD
plex_dupefinder
Find and delete duplicate files in Plex
winVulnAssess
Assess a mounted Windows volume for exploitable vulnerabilities