carbonblack/tau-tools carbonblack/tau-tools

  • Stars
    star
    221
  • Rank 179,773 (Top 4 %)
  • Language
    PowerShell
  • License
    MIT License
  • Created about 6 years ago
  • Updated over 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
carbonblack/tau-tools
github

carbonblack

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit 
 _____ _____ _____    _____         _     
|_   _|  _  |  |  |  |_   _|___ ___| |___ 
  | | |     |  |  |    | | | . | . | |_ -|
  |_| |__|__|_____|    |_| |___|___|_|___|

Various tools from the VMware Carbon Black Threat Analysis Unit

VMware Carbon Black ThreatHunter

VMware Carbon Black Response

MITRE ATT&CK

Threat Hunting

Remediation

Threat Emulation

Malware Specific

Last updated: March 13, 2020

More Repositories

1

binee

Binee: binary emulation environment
Go
477
star
2

cbapi-python

Carbon Black API - Python language bindings
Python
146
star
3

active_c2_ioc_public

Active C2 IoCs
94
star
4

cb-event-forwarder

Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.
JavaScript
73
star
5

cbfeeds

Carbon Black Feeds
Python
66
star
6

carbon-black-cloud-sdk-python

VMware Carbon Black Cloud Python SDK
Python
37
star
7

cb-yara-connector

Analyze binaries collected in VMware Carbon Black EDR against Yara rules.
Python
36
star
8

excel4-tests

Carbon Black TAU Excel 4 Macro Analysis
36
star
9

cbc-syslog

Syslog Connector for the Carbon Black Cloud
Python
28
star
10

community

Community Sharing Repository for Carbon Black and Bit9 Platforms
Python
26
star
11

cb-taxii-connector

Connector for pulling and converting STIX information from TAXII Service Providers into CB Feeds.
Python
14
star
12

cbc-binary-toolkit

Binary Toolkit for the Carbon Black Cloud
Python
13
star
13

cb-integration

Carbon Black integration Python utility library
Python
12
star
14

cb-threatexchange-connector

Carbon Black - Facebook Threat Exchange Connector
Python
12
star
15

intellij-rpmspec

An IntelliJ plugin for RPM SPEC file support
Kotlin
12
star
16

mockc2

An interactive mock C2 server
Go
11
star
17

cb-lastline-connector

Carbon Black - LastLine Binary Detonation Connector
Python
11
star
18

cb-threatconnect-connector

VMware Carbon Black EDR - ThreatConnect Threat Intelligence Connector.
Python
8
star
19

cb-airgap-feed

Import Cb Collective Defense Cloud Intelligence Feeds to air-gapped VMware Carbon Black EDR servers
Python
6
star
20

cb-infoblox-connector

CB Connector for Infoblox Secure DNS
Python
5
star
21

cb-threatconnect-playbooks

Carbon Black Response and ThreatHunter Playbooks for ThreatConnect
4
star
22

cb-virustotal-connector

Cb Response integration with VirusTotal
Python
4
star
23

cb-fortisandbox-connector

A binary analysis connector using fortisandbox.
Python
3
star
24

cb-defense-splunk-app

Cb Defense App and Add-On for Splunk
Python
3
star
25

cb-isight-connector

Connector for pulling iSIGHT IOCs into a Carbon Black feed
Python
3
star
26

cb-cyphort-connector

Carbon Black - Cyphort Binary Detonation Connector
Python
2
star
27

cb-vmray-connector

VMRAY Connector
Python
2
star
28

cb-wildfire-connector

Carbon Black - Palo Alto Network WildFire binary detonation connector
Python
1
star
29

cb-fireeye-connector

Carbon Black FireEye Connector
Python
1
star
30

stacktrace-js

Generate, parse, and enhance JavaScript stack traces in all web browsers, internally forked/hosted from https://github.com/stacktracejs/stacktrace-js
JavaScript
1
star
31

cb-checkpoint-connector

Checkpoint Threat Emulation connector
Python
1
star