cocaman

malware-bazaar

Python scripts for Malware Bazaar

yara-scan-service

Repository for scripts and tips for "Yara Scan Service"

analysis_scripts

Collection of scripts used to analyse malware or emails

retefe

Artefacts from various retefe campaigns

russian_root_ca

100DaysOfYARA

CobaltSpam

CVE-2021-1675

Impacket implementation of CVE-2021-1675

CVE-2021-34527_PowerShell

Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)

deepdarkCTI

Collection of Cyber Threat Intelligence sources from the deep and dark web

mitre_attack_csv

MITRE ATT&CK in CSV form

black-basta-buster

I-S00N

IntelOwl

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

jbxapi

Python API wrapper for the Joe Sandbox API.

JNDI-Exploit-Kit

JNDI-Exploitation-Kit（A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection）

log4j_security

Historic copy of the Log4j 2.x security page

Log4jAttackSurface

Log4Pot

logging-log4j2

Apache Log4j 2 is an upgrade to Log4j that provides significant improvements over its predecessor, Log4j 1.x, and provides many of the improvements available in Logback while fixing some inherent problems in Logback's architecture.

malware_analysis-1

This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.

misp-galaxy

Clusters and elements to attach to MISP events or attributes (like threat actors)

misp-modules

Modules for expansion services, import and export in MISP

PrintNightmare

PyMISP

Python library using the MISP Rest API

red_team_tool_countermeasures

SECurityTr8Ker

SECurityTr8Ker monitors the SEC's RSS feed for 8-K filings with cybersecurity incident materials (item 1.05).

sublime

Sublime Detection Rules

SunburstStrings

yaraScanParser