• Stars: 31
• Rank 820,005 (Top 17 %)
• Created over 3 years ago
• Updated about 3 years ago

More Repositories

1. Yara-Rules (YARA, 560 stars): Repository of YARA rules made by Trellix ATR Team
2. DotDumper (C#, 246 stars): An automatic unpacker and logger for files targeting the .NET Framework
3. CVE-2020-16898 (Lua, 207 stars): CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
4. Creosote (Python, 83 stars): Creosote is our tool for finding the Python tarfile path-traversal vulnerability described by CVE-2007-4559.
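The CVE-2007-4559 issue that Creosote hunts for is Python's `tarfile` extracting member names such as `../../etc/...`, absolute paths, or links that point outside the destination directory when `extractall()` is called without any check. The following is an added example written for this page, not Creosote's code and not part of the listed repository: it builds a constructed in-memory archive carrying those member names and shows a pre-extraction check that refuses them. The function names (`unsafe_reason`, `find_unsafe_members`, `safe_extract`, `run_demo`) and the sample member names are this example's own.

```python
"""Added example: detect and refuse tarfile members that would escape the
extraction directory (the CVE-2007-4559 traversal pattern).
Illustrative code written for this page, not Creosote's own scanner."""
import io
import os
import tarfile
import tempfile
from typing import List, Optional, Tuple


def build_sample_tar(malicious: bool) -> bytes:
    """Constructed in-memory archive (not a real-world sample); the malicious
    variant carries the member names an attacker would aim at a naive extractall()."""
    members = [("docs/readme.txt", b"benign content\n")]
    if malicious:
        members += [
            ("../../etc/cron.d/evil", b"* * * * * root id\n"),  # parent-directory traversal
            ("/tmp/absolute", b"x\n"),                           # absolute member name
        ]
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in members:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        if malicious:
            link = tarfile.TarInfo("docs/escape")  # symlink whose target leaves dest
            link.type = tarfile.SYMTYPE
            link.linkname = "../../../../etc/passwd"
            tar.addfile(link)
    return buf.getvalue()


def _inside(dest_real: str, candidate: str) -> bool:
    """True if candidate, after resolving '..' and symlinks, stays under dest_real."""
    try:
        return os.path.commonpath([dest_real, os.path.realpath(candidate)]) == dest_real
    except ValueError:  # different drives on Windows: treat as outside
        return False


def unsafe_reason(member: tarfile.TarInfo, dest: str) -> Optional[str]:
    """Return why a member is unsafe to extract into dest, or None if it is fine."""
    dest_real = os.path.realpath(dest)
    # os.path.join() discards dest entirely when member.name is absolute,
    # which is exactly why absolute names must be checked too.
    target = os.path.join(dest_real, member.name)
    if not _inside(dest_real, target):
        return "member path resolves outside the destination"
    if member.issym():
        # a symlink target is resolved relative to the link's own directory
        if not _inside(dest_real, os.path.join(os.path.dirname(target), member.linkname)):
            return "symlink target resolves outside the destination"
    if member.islnk():
        # a hard link target is an archive-relative path
        if not _inside(dest_real, os.path.join(dest_real, member.linkname)):
            return "hardlink target resolves outside the destination"
    return None


def find_unsafe_members(data: bytes, dest: str) -> List[Tuple[str, str]]:
    """List (member name, reason) for every member that must not be extracted into dest."""
    with tarfile.open(fileobj=io.BytesIO(data), mode="r") as tar:
        found = []
        for m in tar.getmembers():
            reason = unsafe_reason(m, dest)
            if reason:
                found.append((m.name, reason))
        return found


def safe_extract(data: bytes, dest: str) -> List[str]:
    """Check every member first, then extract. The vulnerable pattern is simply
    tarfile.open(...).extractall(dest) with no check at all."""
    bad = find_unsafe_members(data, dest)
    if bad:
        raise ValueError("refusing to extract: %r" % bad)
    with tarfile.open(fileobj=io.BytesIO(data), mode="r") as tar:
        # On interpreters that ship tarfile.data_filter (3.12+ and security
        # backports) also enable the built-in filter as a second line of defence.
        kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        tar.extractall(dest, **kwargs)
        return [m.name for m in tar.getmembers()]


def run_demo() -> dict:
    """Extract the benign archive, then show the malicious one being refused."""
    with tempfile.TemporaryDirectory() as dest:
        benign = safe_extract(build_sample_tar(False), dest)
        unsafe = find_unsafe_members(build_sample_tar(True), dest)
        try:
            safe_extract(build_sample_tar(True), dest)
            refused = False
        except ValueError:
            refused = True
    return {"benign_extracted": benign,
            "unsafe": sorted(n for n, _ in unsafe),
            "refused": refused}


if __name__ == "__main__":
    print(run_demo())
```

The check resolves each member against the real destination with `os.path.realpath` before anything is written, so a `..` component, an absolute name, or a link whose target leaves the directory is rejected as a whole archive rather than discovered after the damage is done; a scanner like Creosote looks for code paths where this kind of check is missing before `extract()`/`extractall()`.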
5. IOCs (HTML, 78 stars): Repository containing IOCs, CSV and MISP JSON from our blogs
6. GhidraScripts (Java, 73 stars): Scripts to run within Ghidra, maintained by the Trellix ARC team
7. NetLlix (C#, 30 stars): A project created to emulate and test exfiltration of data over different network protocols
8. CVE-2020-16899 (Lua, 20 stars): CVE-2020-16899 Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
9. xbypass (Python, 18 stars): A tool to facilitate ROP chain development for XML character sanitization
10. Expert-Rules (17 stars)
11. Ripple-20-Detection-Logic (Lua, 11 stars): Ripple20 Critical Vulnerabilities Detection Logic and Signatures
12. Threat-Reports (11 stars): Repository to store the Threat Reports made by the McAfee Enterprise ATR Team
13. ATR_HAX_CTF_2021 (Python, 8 stars): McAfee Enterprise Advanced Threat Research Capture the Flag
14. DotDumperGUI (C#, 6 stars): A graphical user interface to easily read through, and filter, DotDumper JSON-based logs
15. ATR_HAX_CTF_2022 (Java, 5 stars): Trellix Advanced Threat Research CTF competition of 2022
16. Russian_CyberThreats_Yara (2 stars): Repository with aggregated public-source YARA rules
17. DotDumperNative (C++, 2 stars): The native (unmanaged) library containing the hooks that DotDumper places on native functions
18. Golang-Runtime-Binaries (1 star): A repository with a variety of compiled Golang binaries, each of which contains the entire Golang runtime for the given architecture and Golang version
19. BSim (1 star): BSim signatures and databases for Ghidra, used to recover function symbols
20. FIDBs (1 star): FunctionID databases for Ghidra, used to recover function symbols from stripped binaries