m4now4r / threat-hunting-malware-analysis-incident-response

Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs with caution.


Tools of the Trade

If you have any issues with a tool here, or have questions about usage, or really anything, please reach out and I will be glad to help.

The tools here are broad in function but have many uses in the Triage/Threat Hunting/Incident Response fields. Be careful and do your own research with PEs you find on the internet!

Tools like Seatbelt can be compiled directly from their source code, while triage-ir-v1 cannot. I have determined that these tools are safe, but again, do your own research!

Languages

YARA: 47.4%
C++: 14.2%
PowerShell: 8.9%
C#: 8.6%
Python: 8.1%
C: 6.1%
Perl: 3.1%
PHP: 0.7%
HTML: 0.6%
Rich Text Format: 0.6%
JavaScript: 0.4%
Batchfile: 0.3%
Yacc: 0.3%
Lex: 0.1%
Shell: 0.1%
CSS: 0.1%
Java: 0.1%
Makefile: 0.1%
Starlark: 0.1%
M4: 0.1%
CMake: 0.0%
Roff: 0.0%
Inno Setup: 0.0%
Dockerfile: 0.0%
Ruby: 0.0%
JSONiq: 0.0%
Classic ASP: 0.0%