There are 0 repositories under the mandiant topic.
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
Extracts the timeline from a Redline-parsed SQLite database so it can be used, e.g., in an ELK stack.
Assemblyline 4 Obfuscated string solver
PowerShell script for interacting with Mandiant Advantage API to retrieve hash values associated with specified Malware Families. The script provides a menu-driven interface for various malware analysis operations and exports results to Excel.
Parses the Redline CSV output into a CSV that is importable by Timesketch.