RandomRhythm's repositories

Vendor-Threat-Triage-Lookup

Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.

Language:VBScriptLicense:GPL-3.0Stargazers:29Issues:3Issues:0

mal2csv

Malformed Access Log to CSV - Convert Web Server Access Logs to CSV

Language:PythonLicense:AGPL-3.0Stargazers:16Issues:2Issues:0

Rhythm-CB-Scripts

Collection of scripts for use with Carbon Black Cb Response API

Language:VBScriptLicense:LGPL-3.0Stargazers:14Issues:4Issues:0

YARA_Rules_Util

YARA duplicate rule detection and removal. YARA rule index creation. YARA rule file merger.

threatintelligenceaggregator

Threat Intelligence Aggregator API example

Language:PythonStargazers:8Issues:4Issues:0

Web_Log_Deobfuscate

Deobfuscate various encodings that can be found in web logs.

Language:PythonStargazers:7Issues:4Issues:0

LevelUpDomain

Takes a list of domains and output one unique domain structure for each unique second (or third) level domain

Language:VBScriptStargazers:4Issues:2Issues:0

wEventLogSearch

Search Windows event log and output results to a text file

Language:C#Stargazers:4Issues:2Issues:0

YARA_Rules_Project_Sorted_Ruleset

YARA rules sorted by file type from the Yara-Rules/rules repository

Language:YARALicense:GPL-2.0Stargazers:4Issues:2Issues:0

CombineSpreadsheets

Combine all columns from two Microsoft Excel spreadsheets into one based on matching column values

Language:VBScriptStargazers:2Issues:3Issues:0

dll_loading_abuse

This repository is dedicated to documenting different library files (DLLs) susceptible to exploitation through search order hijacking, including side-loading and phantom DLLs

License:UnlicenseStargazers:2Issues:0Issues:0

parse-ATTK

Trend Micro Anti-Threat Toolkit output parser

Language:VBScriptLicense:LGPL-3.0Stargazers:2Issues:2Issues:0

season_rename

Rename television season episodes and extras organized by disc (folders)

Language:PythonLicense:MITStargazers:2Issues:1Issues:0

Vectra_Detect_API

Vectra Detect API example in Python

Language:PythonLicense:AGPL-3.0Stargazers:2Issues:2Issues:0

VTTL-GUI

GUI code for VTTL

Language:Visual Basic 6.0License:UnlicenseStargazers:2Issues:0Issues:0

CBC_Vuln_Assessment

This script will take the CSV output and create a CSV with endpoints grouped by CVE and one with NVD descriptions

Language:PythonLicense:AGPL-3.0Stargazers:1Issues:2Issues:0

convertDNS

Converts dns names to Microsoft DNS debug format. Example: google.com becomes (6)google(3)com(0)

Language:PythonLicense:MITStargazers:1Issues:2Issues:0

CSV_Condense

Select key columns in the CSV to track unique values and produce a condensed output

Language:PythonLicense:AGPL-3.0Stargazers:1Issues:2Issues:0

Judge-Jury-and-Executable

File system forensics analysis and threat hunting tool. Scans file systems at the MFT and OS level and stored in SQL. Threats and data can be probed harnessing the power and syntax of SQL.

Language:CLicense:AGPL-3.0Stargazers:1Issues:2Issues:0

process_tor

Process a CSV of tor alerts against the www.dan.me.uk/tornodes list to confirm if the IP and port are listed.

Language:PythonLicense:AGPL-3.0Stargazers:1Issues:2Issues:0

s1_blacklist_export

SentinelOne Blacklist Export

Language:PythonLicense:AGPL-3.0Stargazers:1Issues:2Issues:0

Sort_YARA_Rules

Sort YARA Rules by File Type

Language:PythonLicense:AGPL-3.0Stargazers:1Issues:2Issues:0

CAPEv2

Malware Configuration And Payload Extraction

Language:PythonLicense:NOASSERTIONStargazers:0Issues:1Issues:0

Cylance_Optics_YARA

PoC YARA scanner for Cylance Optics using .net YARA DLL via IronPython

Language:PythonLicense:UnlicenseStargazers:0Issues:2Issues:0

DnsClientCOM

COM object for performing DNS queries / lookups

Language:C#License:Apache-2.0Stargazers:0Issues:2Issues:0

nvd-cve-api

Wrapper to fetch cve information from NVD

Language:PythonLicense:MITStargazers:0Issues:1Issues:0

plex_dupefinder

Find and delete duplicate files in Plex

Language:PythonLicense:GPL-3.0Stargazers:0Issues:0Issues:0

rules

Repository of yara rules

Language:YARALicense:GPL-2.0Stargazers:0Issues:1Issues:0

TreeParse

Parse tree command output

Language:PythonLicense:AGPL-3.0Stargazers:0Issues:2Issues:0

winVulnAssess

Assess a mounted Windows volume for exploitable vulnerabilities

Language:VBScriptLicense:AGPL-3.0Stargazers:0Issues:2Issues:0