nao_sec

nao_sec's repositories

ektotal

[BHUSA 2018 Arsenal] Integrated tool to analyze Drive-by Download attack

Language:PHPMIT107 100

tknk_scanner

Community-based integrated malware identification system

Language:VueMIT82 9 7

RigEK

Analyzing Rig Exploit Kit

50 40

mal_getter

Tool for dropping malware from EK

Language:PHPMIT41 11 1

rr_decoder

Royal Road RTF Weaponizer object decoder

Language:PythonMIT24 7 3

starc

Simple high-interactive client honeypot

Language:C#24 20

anyrun-api

ANY.RUN API Wrapper for PHP

Language:PHPMIT7 20

dataset

nao dataset

6 30

yara_rules

For malware research

Language:YARAMIT6 6 1

materials

Past presentation materials

4 40

ramnit_traffic_parser

Parsing Ramnit's traffic

Language:PHP4 20

binary_decoder

Language:PHPMIT3 20

rr_decoder.cs

C# implementation of rr_decoder

Language:C#MIT3 20

screnc.php

Microsoft Script Encoder / Decoder in PHP

Language:PHPMIT3 20

ioc

misp format Malware IOCs

2 30

jsac2018

Drive-by Download Must Die - Japan Security Analyst Conference 2018

2 20

aoba

Automatic Tools for Observe and Analyze EK and Identify Malware (a.k.a nao_sec tools)

Language:PHP1 20

docker-misp

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Language:DockerfileBSD-3-Clause1 10

misp-galaxy

Clusters and elements to attach to MISP events or attributes (like threat actors)

Language:PythonNOASSERTION1 20

starc.php

StarC (PHP version)

Language:PHP1 20

starc2

Rewrite StarC in Python and Powershell

020