nbareil

Incident response guy

@airbus-cert France

Pinned Repositories

code-templates
My templates when starting from scratch
Language:Python4 3 01
docker-forensics
Incident response environment
Language:Dockerfile11 6 04
net2pcap
Net2PCAP is a simple network-to-pcap capture file for Linux. Its goal is to be as simple as possible to be used in hostile environments
Language:C39 4 818
octo-track-twitter
Track keywords on Twitter (tail -f v2.0)
Language:Python3 2 02
pcap-merge
pcap-merge is as simple and dummy as its name
Language:C4 3 01
pdf-preview
This is a sandboxed PDF viewer for Linux. It transforms PDF into SVG (serialized in JSON).
Language:C7 2 01
ptracemodule
yet another python module around ptrace()
Language:Python3 2 00
seccomp-nurse
Sandboxing framework based on SECCOMP
Language:C53 5 09
SSTIC-Annex
Slides et Articles de sstic.org
7 3 01
twisted-proxy
HTTP proxy logging daemon: a tcpdump-like, at HTTP level :)
Language:Python14 2 03

nbareil's Repositories

nbareil/seccomp-nurse
Sandboxing framework based on SECCOMP
Language:C53 5 09
nbareil/docker-forensics
Incident response environment
Language:Dockerfile11 6 04
nbareil/SSTIC-Annex
Slides et Articles de sstic.org
7 3 01
nbareil/yara-dedup
Dedup yara rules based on their rule identifier
Language:Go2 2 01
nbareil/docker-protobuf
All inclusive Protocol Buffer and gRPC suite, powered by Docker and Alpine
Language:Shell1 2 01
nbareil/go-github
Go library for accessing the GitHub API
Language:Go1 2 0
nbareil/govt
Virustotal API for Go
Language:Go1 2 0
nbareil/haydump
Language:Go1 2 0
nbareil/justanothergeek.chdir.org
My blog
Language:JavaScript1 1 0
nbareil/nix-forensics
Reproducible forensics environment, 100% of the time
Language:Nix1 0 0
nbareil/yaraparser-go
scanning and parsing yara files just for fun, ⚠️ NOT (intented to be) FINISHED!
Language:Go1 2 0
nbareil/CobaltStrikeParser
Language:Python1 0
nbareil/cookiecutter-py-cli
Language:Nix1 0
nbareil/evtx-tools
Language:Python1 0
nbareil/go-yara
Go bindings for YARA
Language:Go2 0
nbareil/huntlib
A Python library to help with some common threat hunting data analysis operations
Language:Python1 0
nbareil/misp-rfc
Specifications used in the MISP project including MISP core format
Language:Makefile2 0
nbareil/misp-warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
2 0
nbareil/mispgo
Golang library for MISP
Language:Go1 0
nbareil/msticpy
Microsoft Threat Intelligence Security Tools
Language:Python1 0
nbareil/mwclient
mwclient is a Python framework to interface with the MediaWiki API.
Language:Python2 0
nbareil/PyMISP
Python library using the MISP Rest API
Language:Python2 0
nbareil/python-registry
Pure Python parser for Windows Registry hives.
Language:Python0 0
nbareil/shellbags
Cross-platform, open-source shellbag parser
Language:Python2 0
nbareil/sigma
Generic Signature Format for SIEM Systems
Language:Python2 0
nbareil/star-and-clone
Language:Go2 0
nbareil/stenographer
Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com
Language:Go2 0
nbareil/til-manager
Language:Python1 0
nbareil/voila
Voilà turns Jupyter notebooks into standalone web applications
Language:Python0 0
nbareil/yara-parser
Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
Language:Go2 0