Bit9 + Carbon Black Threat Intelligence repo
Use of the Carbon Black API is governed by the license found in LICENSE.
Contains various projects and presentations.
mpesm (Mnemonic PE Signature Matching) is a tool to help identify multiple types of packers, cryptors, and compilers. It uses a take on Levenshtein distance to calculate similarity between the assembly mnemonics in the signature and the assembly mnemonics found in the PE file.
Various Yara signatures.
A service to pull data from a Carbon Black server to CRITs.