David André's repositories
ail-yara-rules
A set of YARA rules for the AIL framework to detect leak or information disclosure
awesome-event-ids
Collection of Event ID resources useful for Digital Forensics and Incident Response
backup-slack
A script for backing up your message history from Slack
censys-python
Python Library for Censys
crl-monitor
CRL Monitor - X.509 Certificate Revocation List monitoring and X.509/Subject caching
DailyIOC
IOCs from articles and tweets, collected for archiving
ExpertRules
This repository contains a set of rules samples that can be directly used with McAfee Endpoint Security, in the Exploit Prevention policy.
gopassivedns
PassiveDNS in Go
Hello-Goodbye
Available for Chrome, Firefox and Safari and as a blocklist to integrate into existing blockers.
InfraFinder
Finds shared attributes across multiple IP addresses by querying Censys
LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
malware-indicators
Citizen Lab Malware Reports
misp-galaxy
Clusters and elements to attach to MISP events or attributes (like threat actors)
MISP-maltego
Set of Maltego transforms to interface with a MISP instance
misp-modules
Modules for expansion services, import and export in MISP
misp-taxonomies
Taxonomies used in the MISP taxonomy system; they can also be used by other information sharing tools.
misp-warninglists
Warning lists to inform MISP users about potential false positives or other noteworthy information in indicators
misp-website
MISP website (jekyll-based)
otterai-api
Unofficial Otter.ai Python API
pySigma
Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
pySigma-backend-splunk
pySigma Splunk backend
sigma
Generic Signature Format for SIEM Systems
signature-base
Signature base for my scanner tools
splunk_wineventcode_secanalysis
Windows Event Code Security Analysis app for Splunk.
sysmon-modular
A repository of sysmon configuration modules