William MacArthur's repositories
Open-Source-YARA-rules
YARA Rules I come across on the internet
autorunner
Emulates the Sysinternals Autoruns tool, but for DFIR purposes, e.g. multi-user processing
Language: C#
Language: JavaScript, License: NOASSERTION
docker-misp
A (nearly) production ready Dockered MISP
Language: Shell, License: GPL-3.0
elk-docker
Elasticsearch, Logstash, Kibana (ELK) Docker image
Language: Shell, License: NOASSERTION
LogViewer2
Application for viewing/searching large text/log files (WPF port of the original LogViewer)
Language: C#
lookuper
Looks stuff up (MD5, SHA256, IP, Domains, URLs, strings e.g. mutexes)...
Language: Go
ThreatIngestor
Extract and aggregate threat intelligence.
Language: Python, License: GPL-2.0
wazuh-docker-1
Wazuh - Docker containers
Language: CSS, License: NOASSERTION
wmi-parser
Parses the WMI object database... looking for persistence