m4pol

m4pol's Stars

• jqlang/jq

  Command-line JSON processor

  Language:C30.9k3242.2k1.6k

• allinurl/goaccess

  GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.

  Language:C18.7k3012.3k1.1k

• PowerShellMafia/PowerSploit

  PowerSploit - A PowerShell Post-Exploitation Framework

  Language:PowerShell12k7811884.6k

• redcanaryco/atomic-red-team

  Small and highly portable detection tests based on MITRE's ATT&CK.

  Language:C10k3512782.8k

• mandiant/capa

  The FLARE team's open-source tool to identify capabilities in executable files.

  Language:Python5k821k569

• Cisco-Talos/clamav

  ClamAV - Documentation is here: https://docs.clamav.net

  Language:C4.6k136689715

• amlweems/xzbot

  notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

  Language:Go3.5k380240

• mandiant/flare-floss

  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

  Language:Python3.4k132482460

• salesforce/ja3

  JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

  Language:Python2.8k9652294

• activecm/rita-legacy

  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

  Language:Go2.5k113390362

• NextronSystems/APTSimulator

  A toolset to make a system look as if it was the victim of an APT attack

  Language:Batchfile2.5k1229431

• veandco/go-sdl2

  SDL2 binding for Go

  Language:C2.2k48381226

• last-byte/PersistenceSniper

  Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte

  Language:PowerShell1.9k4214190

• addy-dclxvi/i3-starterpack

  A simple guide (and example of configuration) about how to install i3 & its and essentials packages, then make them look eye candy, also contains my dotfiles of Debian 12 (Bookworm) setup

  Language:Scheme1.5k4216169

• Invoke-IR/PowerForensics

  PowerForensics provides an all in one platform for live disk forensic analysis

  Language:C#1.4k158126274

• andresriancho/enumerate-iam

  Enumerate the permissions associated with AWS credential set

  Language:Python1.1k1711178

• ghidraninja/ghidra_scripts

  Scripts for the Ghidra software reverse engineering suite.

  Language:YARA1k4412102

• Vector35/binaryninja-api

  Public API, examples, documentation and issues for Binary Ninja

  Language:C++956465.5k220

• Apr4h/CobaltStrikeScan

  Scan files or process memory for CobaltStrike beacons and parse their configuration

  Language:C#9032713116

• DebugPrivilege/InsightEngineering

  Hardcore Debugging

  75527191

• OALabs/BlobRunner

  Quickly debug shellcode extracted during malware analysis

  Language:C570141183

• mdecrevoisier/EVTX-to-MITRE-Attack

  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.

  53626189

• tsoding/good_training_language

  Хороший Учебный Язык

  Language:Rust444558

• roadwy/DefenderYara

  Extracted Yara rules from Windows Defender mpavbase and mpasbase

  Language:YARA3057256

• fireeye/BitsParser

  Language:Python1429534

• zackelia/ghidra-dark-theme

  Modern dark theme based on the original ghidra-dark

  125212

• OALabs/research

  Research notes

  Language:Jupyter Notebook11710215

• knight0x07/OneNoteAnalyzer

  A C# based tool for analysing malicious OneNote documents

  Language:C#108828

• RussianPanda95/Yara-Rules

  Repository of Yara Rules

  Language:YARA954111

• Neo23x0/YARA-Style-Guide

  A specification and style guide for YARA rules

  39213