This repository contains IronNet's Threat Research.
| Project | Description |
|---|---|
Cobalt Strike |
Research and indicators for Cobalt Strike |
phishing |
Research and indicators related to phishing |
IronNet's Threat Research Teams
About: Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux an
Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ
HatVenom HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures. Featu
Bitpass Password Generator Installation Make sure Python 3+ is installed
infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service. This tool can help a digital forensic investigator to know the context, origin of specific files during a digital forensic investigation.
hash-cracker hash cracker is a multi-functional and compact...hash cracking tool...that supports dictionary attacks against three kinds of hashes: md5
F2Amapper This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to
Introduction orfipy is a tool written in python/cython to extract ORFs in an extremely and fast and flexible manner. Other popular ORF searching tools
0x00 介绍 tig Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率,目前已集成微步、IP 域名反查、Fofa 信息收集、ICP 备案查询、IP 存活检测五个模块,现已支持以下信息的查询: ✅ 微步标签 ✅ I
Threagile is an open-source toolkit for agile threat modeling:
log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be
log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview
GreedyBear The project goal is to extract data of the attacks detected by a TPOT or a cluster of them and to generate some feeds that can be used to p
Lazarus Research This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus. Tools Python
WEB-EYES V1.0 web-eyes: OSINT tools for website research, 14 research methods ar
RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,
Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage
DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai
861 Feb 18, 2021
22.1k Jan 2, 2023
100 Dec 23, 2022
6 Feb 2, 2022
41 Dec 30, 2022
96 Dec 20, 2022
3 Feb 22, 2022
3 Sep 3, 2022
34 Nov 21, 2022
698 Dec 9, 2022
425 Jan 7, 2023
144 Nov 19, 2022
171 Dec 25, 2022
72 Jan 1, 2023
50 Sep 13, 2022
8 Nov 10, 2022
53 Nov 1, 2022
84 Dec 23, 2022
329 Jan 1, 2023