MANDIANT's repositories
ThreatPursuit-VM
Threat Pursuit Virtual Machine (VM): A fully customizable, open-source, Windows-based distribution focused on threat intelligence analysis and hunting, designed to get intel analysts, malware analysts, and threat hunters up and running quickly.
stringsifter
A machine learning tool that ranks strings based on their relevance for malware analysis.
SimplifyGraph
IDA Pro plugin to assist with complex graphs
thiri-notebook
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
route-sixty-sink
Link sources to sinks in C# applications.
flare-gsoc-2023
Supporting resources and documentation for FLARE @ Google Summer of Code 2023
vbScript_deobfuscator
Help deobfuscate VBScript
mandiant_managed_hunting
Azure Deployment Templates for Mandiant Managed Hunting