Pinned Repositories
Almost-APT
Almost-APT provides detailed information on more than 70 cyber threat groups that have not yet been designated as an APT. Some of the information returned includes TTPs, industries or sectors targeted, naming overlaps, and more!
almostapt-api
API for AlmostAPT project
DomainSpotter
email-watch
Tool to find registered domains via reverse WHOIS by email. Additionally, users can view DNS resolution and certificate info (if applicable) by selecting a domain.
infratrack
Microsoft-threat-protection-Hunting-Queries
Sample queries for Advanced hunting in Microsoft Threat Protection
My_Azure_Sentinel_Queries
NixWatch
*Nix Indicator of Compromise (IOC) Assessment Tool
Sliver_Venom
Search for Sliver C2 infrastructure with JARM hashes
mrippey's Repositories
mrippey/infratrack
mrippey/Almost-APT
Almost-APT provides detailed information on more than 70 cyber threat groups that have not yet been designated as an APT. Some of the information returned includes TTPs, industries or sectors targeted, naming overlaps, and more!
mrippey/DomainSpotter
mrippey/email-watch
Tool to find registered domains via reverse WHOIS by email. Additionally, users can view DNS resolution and certificate info (if applicable) by selecting a domain.
mrippey/Microsoft-threat-protection-Hunting-Queries
Sample queries for Advanced hunting in Microsoft Threat Protection
mrippey/My_Azure_Sentinel_Queries
mrippey/NixWatch
*Nix Indicator of Compromise (IOC) Assessment Tool
mrippey/Sliver_Venom
Search for Sliver C2 infrastructure with JARM hashes
mrippey/almostapt-api
API for AlmostAPT project
mrippey/block_or_not
mrippey/C2Safari
An early version (beta) script to pull down possible C2 servers using a set of pre-defined Shodan queries.
mrippey/cat-py-em
Emulate the "cat" command in Python
mrippey/Check-Mal-URL
mrippey/firstcontact
Initial triage of a suspicious file in Python
mrippey/Get-Exit-Nodes
Python script to parse a list of Tor exit nodes and write the output to a text file.
mrippey/google-alert-tranlsator
Translate foreign language Google Alert feed
mrippey/InfraWatch
mrippey/IP-Pursuit
Another Python CLI tool to gather information on suspicious IP addresses from multiple API sources.
mrippey/js-yara-rules
YARA rules for malicious JavaScript files, from public repositories or written by me.
mrippey/Jupyter_Email_Analysis
mrippey/maltrail
Malicious traffic detection system
mrippey/mrippey
mrippey/Python100Days
TalkPython & PyBites 100 Days of Code Course
mrippey/reverse_dns_lookup
mrippey/rules-all
mrippey/Scrape-With-Httpx
Quick Example of Using Httpx Module Along With BeautifulSoup for Web Scraping
mrippey/sigma
Generic Signature Format for SIEM Systems
mrippey/SinkholeRadar
Inspired by a blog post from The Vertex Project, SinkholeRadar accepts an IPv4 address, checks if headers indicative of a sinkhole are found, and returns relevant information.
mrippey/WebJS_ID
Identify websites running suspicious JavaScript code courtesy of the PublicWWW API.
mrippey/Whats-New
File Discovery for Windows & *Nix