Cylance

Orange County, CA

Pinned Repositories

Ablation
Ablation is a tool for augmenting static analysis by extracting information at runtime, and importing it into IDA. It can resolve virtual calls, reveal interesting code, exclude heavily traversed regions, identify untested or undocumented features, visually diff samples, or perform root cause analysis simply by running samples. My favourite however is the virtual call resolution with fully interactive x-refs. It's simple, elegant, and disassembled C++ reads like C! It helps me time and time again.
Language:C++48 11 212
CyBot
Open Source Threat Intelligence Chat Bot
Language:Python318 37 474
eBPF_processor
An IDA processor for eBPF bytecode
Language:Python47 4 05
IntroductionToMachineLearningForSecurityPros
Example code for our book Introduction to Artificial Intelligence for Security Professionals
Language:Python151 27 457
macos-arm64-emulation
A guide for emulating macOS arm64e on an x86-based host.
Language:C312 16 431
MarkovObfuscate
Use Markov Chains to obfuscate data as other data
Language:Python51 6 012
mitmcanary
Tool/service to detect Man in the Middle attacks with Canary Requests
Language:Python55 10 218
NMAP-Cluster
Clustering NMAP XML results to help make sense of large scan results.
Language:JavaScript33 9 216
SMBTrap
Tools developed to test the Redirect to SMB issue
Language:Python83 14 138
winapi-deobfuscation
Towards Generic Deobfuscation of Windows API Calls
Language:Python50 8 115

Cylance's Repositories

cylance/CyBot
Open Source Threat Intelligence Chat Bot
Language:Python318 37 474
cylance/macos-arm64-emulation
A guide for emulating macOS arm64e on an x86-based host.
Language:C312 16 431
cylance/IntroductionToMachineLearningForSecurityPros
Example code for our book Introduction to Artificial Intelligence for Security Professionals
Language:Python151 27 457
cylance/SMBTrap
Tools developed to test the Redirect to SMB issue
Language:Python83 14 138
cylance/mitmcanary
Tool/service to detect Man in the Middle attacks with Canary Requests
Language:Python55 10 218
cylance/MarkovObfuscate
Use Markov Chains to obfuscate data as other data
Language:Python51 6 012
cylance/winapi-deobfuscation
Towards Generic Deobfuscation of Windows API Calls
Language:Python50 8 115
cylance/Ablation
Ablation is a tool for augmenting static analysis by extracting information at runtime, and importing it into IDA. It can resolve virtual calls, reveal interesting code, exclude heavily traversed regions, identify untested or undocumented features, visually diff samples, or perform root cause analysis simply by running samples. My favourite however is the virtual call resolution with fully interactive x-refs. It's simple, elegant, and disassembled C++ reads like C! It helps me time and time again.
Language:C++48 11 212
cylance/eBPF_processor
An IDA processor for eBPF bytecode
Language:Python47 4 05
cylance/NMAP-Cluster
Clustering NMAP XML results to help make sense of large scan results.
Language:JavaScript33 9 216
cylance/PyPackerDetect
A malware dataset curation tool which helps identify packed samples.
Language:Python32 9 120
cylance/GetNETGUIDs
Extract GUIDs from .NET assemblies
Language:Python21 8 510
cylance/python-cyapi
This Library provides python bindings to interact with the Cylance API.
Language:Python20 14 1311
cylance/IDPanel
Identify botnet panels with Ensembled Decision Trees
Language:Python18 9 07
cylance/rogers
Python command-line tool that uses nearest neighbor search methods for malware similarity analysis
Language:Python16 6 04
cylance/CyLR
CyLR - Live Response Collection Tool
Language:C#10 4 02
cylance/GeneralizedConvolutionalNeuralNets
Generalized convolutional neural network algorithm for use with point cloud data with arbitrary spatial features.
Language:Python7 7 13
cylance/improving-malware-detection-accuracy-by-extracting-icon-information
Code for the paper "Improving Malware Detection Accuracy by Extracting Icon Information"
Language:Jupyter Notebook6 6 03
cylance/CyShell
A Powershell module to interface with Cylance APIs
Language:C#4 4 01
cylance/lazy-stochastic-principal-component-analysis
Code for the paper "Lazy stochastic principal component analysis"
Language:Python4 6 03
cylance/REcon2016
BBS-Era Exploitation for Fun and Anachronism
Language:C#4 5 02
cylance/perturbed-sequence-model
Language:TeX3 7 02
cylance/Prangster
Black-Box Assessment of Pseudorandom Algorithms
Language:C#3 6 03
cylance/IOCs
1 7 01
cylance/amazon-athena-cross-account-catalog
🌉 Reference implementation for granting cross-account AWS Glue Data Catalog access from Amazon Athena
Language:Python2 0
cylance/cloud-custodian
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Language:Python1 0
cylance/petastorm
Petastorm library enables single machine or distributed training and evaluation of deep learning models from datasets in Apache Parquet format. It supports ML frameworks such as Tensorflow, Pytorch, and PySpark and can be used from pure Python code.
Language:Python2 0
cylance/smart_open
Utils for streaming large files (S3, HDFS, gzip, bz2...)
Language:Python2 0
cylance/talus
Language:Python
cylance/talus_client
Language:Python3 01