hayabusa
FunctionStomping
hayabusa | FunctionStomping | |
---|---|---|
7 | 7 | |
1,938 | 668 | |
2.3% | - | |
9.7 | 2.5 | |
12 days ago | 7 months ago | |
Rust | Rust | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
hayabusa
- Hayabusa: Sigma-based forensics timeline generator for Windows event logs
- Release v2.5.0 ๐ฆ of Hayabusa - Hayabusa is a Windows event log fast forensics timeline generator and threat hunting tool
-
Is it possible to analyze old Windows Event Logs to find IOAs or IOCs with Wazuh?
Hayabusa https://github.com/Yamato-Security/hayabusa
- Analysing Hayabusa Results with jq
- Yamato-Security/hayabusa: Hayabusa is a threat hunting and fast forensics timeline generator for Windows event logs.
- Hayabusa is a threat hunting and fast forensics timeline generator for Windows event logs.
- hayabusa: Hayabusa is a threat hunting and fast forensics timeline generator for Windows event logs.
FunctionStomping
- FunctionStomping: A new shellcode injection technique. Given as C++ header or standalone Rust program
- FunctionStomping โ A new shellcode injection technique
- FunctionStomping: A new shellcode injection technique. Given as C++ header or standalone Rust program on Windows - a brand-new technique for shellcode injection to evade AVs and EDRs. Technique is inspired by Module Stomping and has some similarities. Hollows-hunter doesn't find it..
- A new shellcode injection methodology
What are some alternatives?
WELA - WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ใ็พ ๏ผใฆใงใฉ๏ผ
Owlyshield - Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
MemLabs - Educational, CTF-styled labs for individuals interested in Memory Forensics
MrKaplan - MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.
hayabusa-rules - Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
Hacking-Windows - A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
chainsaw - Rapidly Search and Hunt through Windows Forensic Artefacts
x64dbg - An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
sigma-essentials - Everything you need for the #grindset
catherine - The Catherine Framework is a general-purpose cybersecurity framework built to provide extended support for defense operations.
krapslog-rs - Visualize logs in your terminal: โโโโโโโ โ โ โ โโโ โ โโ
Windows UI Library - Windows UI Library: the latest Windows 10 native controls and Fluent styles for your applications