PwC Cyber Threat Operations

All

11 repositories

labscon-2024-knowledge-iis-power
Public
Supplementary material for LABScon 2024 talk "Knowledge IIS power"
YARA
•
Apache License 2.0
•0•0•0•0•Updated Oct 2, 2024Oct 2, 2024
iis-helper-plugin
Public
IDA Pro plugin to aid with the analysis of native IIS modules
Python
•
Apache License 2.0
•4•13•0•0•Updated Aug 1, 2024Aug 1, 2024
BinaryNinja_shellcodehashes
Public
Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja
Python
•
Apache License 2.0
•2•10•1•0•Updated Jul 24, 2024Jul 24, 2024
rtfsig
Public
A tool to help malware analysts signature unique parts of RTF documents
python malware-analysis rtf-files yara-rules
Rich Text Format
•2•29•0•0•Updated Jan 26, 2024Jan 26, 2024
SmartJump
Public
IDA Pro plugin to enhance the 'g' keyboard shortcut
Python
•4•37•0•0•Updated Jul 24, 2023Jul 24, 2023
Cyber-Threats-2022-A-Year-in-Retrospect
Public
YARA
•
Apache License 2.0
•0•0•0•0•Updated Apr 4, 2023Apr 4, 2023
ScatterBee_Analysis
Public
Scripts to aid analysis of files obfuscated with ScatterBee.
Python
•
Apache License 2.0
•6•15•0•0•Updated Jan 6, 2023Jan 6, 2023
TheSAS2021-Red-Kelpie
Public
Indicators of compromise, YARA rules, and Python scripts to supplement the TheSAS2021 talk "Learning to ChaCha with Red Kelpie"
YARA
•
Apache License 2.0
•1•11•0•0•Updated Dec 21, 2022Dec 21, 2022
BlackHat-USA-2022-Talent-Need-Not-Apply
Public
Indicators of compromise and YARA rules related to the BlackHat USA 2022 talk "Talent Need Not Apply"
YARA
•
Apache License 2.0
•0•2•0•0•Updated Aug 8, 2022Aug 8, 2022
SANSCTISummit2021-xStart
Public
Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".
Python
•
Apache License 2.0
•2•14•0•0•Updated Jul 12, 2021Jul 12, 2021
OperationCloudHopper
Public
Indicators of compromise relating to our report on APT10's targeting of global MSPs
ioc threat-hunting threat-intelligence
4•10•0•0•Updated Sep 26, 2017Sep 26, 2017