InQuest

Repositories

• awesome-yara

  A curated list of awesome YARA rules, tools, and people.

  ioc awesome awesome-list threat-hunting malware-analysis malware-research yara
  192 1,067 2 2 Updated Jun 30, 2020

• yara-rules

  A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

  threat-hunting yara yara-rules yara-signatures
  Python MIT 31 158 1 0 Updated Jun 30, 2020

• XLMMacroDeobfuscator

  Forked from DissectMalware/XLMMacroDeobfuscator

  Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
  Python Apache-2.0 27 0 0 0 Updated Jun 27, 2020

• python-inquestlabs

  A Pythonic interface and command line tool for interacting with the InQuest Labs API.
  Python GPL-2.0 1 1 0 0 Updated Jun 26, 2020

• iqui-ngx

  Angular CDK based, Bootstrap styled components library
  TypeScript MIT 0 2 0 1 Updated Jun 24, 2020

• python-iocextract

  Defanged Indicator of Compromise (IOC) Extractor.

  ioc library osint base64 decoding dfir malware-research
  Python GPL-2.0 57 255 11 1 Updated May 26, 2020

• ThreatIngestor

  Extract and aggregate threat intelligence.

  ioc osint dfir threat-hunting malware-research misp threat-sharing
  Python GPL-2.0 73 334 13 0 Updated May 18, 2020

• ThreatKB

  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

  malware-research yara yara-rules yara-manager yara-signatures
  JavaScript GPL-2.0 10 48 51 (1 issue needs help) 0 Updated May 15, 2020

• inquest-labs

  DEPRECATED! See https://github.com/InQuest/python-inquestlabs
  Python MIT 0 0 0 0 Updated May 14, 2020

• ipython-notebooks

  A collection of iPython notebooks probably referenced from https://inquest.net/blog
  Jupyter Notebook MIT 0 0 0 0 Updated May 12, 2020

• python-sandboxapi

  Minimal, consistent Python API for building integrations with malware sandboxes.

  python library sandbox api-client malware-analysis automated-analysis
  Python GPL-2.0 26 83 3 1 Updated May 8, 2020

• malware-samples

  A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net

  malware malware-analysis malware-research malware-samples
  AngelScript MIT 113 446 0 0 Updated May 7, 2020

• pcodedmp

  Forked from bontchev/pcodedmp

  A VBA p-code disassembler
  Python GPL-3.0 61 0 0 0 Updated Feb 12, 2020

• OSINT-Framework

  Forked from lockfale/OSINT-Framework

  OSINT Framework
  JavaScript MIT 461 0 0 0 Updated Jan 23, 2020

• iqui-icons
  MIT 0 2 0 0 Updated Jan 13, 2020

• Cortex-Analyzers

  Forked from TheHive-Project/Cortex-Analyzers

  Cortex Analyzers Repository
  Python AGPL-3.0 202 0 0 0 Updated Nov 27, 2019

• pcode2code

  Forked from Big5-sec/pcode2code

  a vba pcode decompiler based on pcodedmp
  Python 14 0 0 0 Updated Nov 26, 2019

• omnibus

  The OSINT Omnibus (beta release)

  python security osint iocs security-automation threat-intelligence
  Python MIT 57 232 18 0 Updated Nov 7, 2019

• splunk-inquest

  Splunk Addon for InQuest.
  Python GPL-2.0 0 2 0 0 Updated Oct 16, 2019

• python-threatkb

  Python library and command-line tool for InQuest ThreatKB. (pre-release)
  Python GPL-2.0 1 2 0 0 Updated Oct 16, 2019

• labs-experiments

  A collection of experiments overtop the InQuest Labs open data portal (https://labs.inquest.net).
  Python MIT 0 2 0 0 Updated Oct 14, 2019

• olefile

  Forked from decalage2/olefile

  olefile is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, vbaProject.bin in MS Office 2007+ files, Image Composer and FlashPix files, Outlook messages, StickyNotes, several Microscopy file fo…
  Python 55 1 0 0 Updated Oct 13, 2019

• VBASeismograph

  Forked from kirk-sayre-work/VBASeismograph

  A tool for detecting VBA stomping.
  Python MIT 11 0 0 0 Updated May 21, 2019

• file2pcap

  Forked from Cisco-Talos/file2pcap
  C GPL-2.0 28 2 0 0 Updated Mar 20, 2019

• DidierStevensSuite

  Forked from DidierStevens/DidierStevensSuite

  Please no pull requests for this repository. Thanks!
  YARA 222 0 0 0 Updated Feb 19, 2019

• oletools

  Forked from decalage2/oletools

  oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
  Python 315 0 0 0 Updated Feb 16, 2019

• pylcdui

  Forked from mik3y/pylcdui

  Python library for serial character LCD displays (MatrixOrbital, CrystalFontz, etc)
  Python GPL-2.0 7 1 0 0 Updated May 2, 2018

• virustotal

  Forked from adrianherrera/virustotal

  A simple command-line script to interact with the virustotal-api
  Python GPL-3.0 16 1 0 1 Updated Mar 2, 2018

• virustotal-api

  Forked from blacktop/virustotal-api

  Virus Total Public/Private/Intel API
  Python MIT 71 1 0 0 Updated Jul 20, 2017

• YaraSyntax

  Forked from nyx0/YaraSyntax

  Yara package for ST2/ST3
  GPL-3.0 3 2 0 0 Updated Sep 25, 2015