Lorenzo Ori's starred repositories
hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Sentinel-Playbooks
This Space is for Sentinel Playbooks.
Open-Source-Threat-Intel-Feeds
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
virtual-klipper-printer
Run a simulated Klipper 3D-Printer in a Docker container
Yara-Rules
Repository of YARA rules made by Trellix ATR Team
Stirling-PDF
#1 Locally hosted web application that allows you to perform various operations on PDF files
stalkerware-indicators
Indicators of stalkerware apps
security_content
Splunk Security Content
malwoverview
Malwoverview is a first-response tool used for threat hunting that offers intel information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, AlienVault, Malpedia, Malware Bazaar, ThreatFox, Triage and InQuest, and it is able to scan Android devices against VT.
validin-phish-feed
Feed of phishing domains found by the Validin Threat Intelligence Platform
Control-D-Config
Setup guide for Control D, a managed DNS service with superpowers.
T95-H616-Malware
"Pre-Owned" malware in ROM for AllWinner H616/H618 & RockChip RK3328 Android TV Boxes
threat-team
IOCs from Threat Analysis Group (TAG)
iocextract
Defanged Indicator of Compromise (IOC) Extractor.