InQuest

Repositories

• pigasus

  Forked from cmu-snap/pigasus

  100Gbps Intrusion Detection and Prevention System
  C++ 12 0 0 0 Updated Nov 6, 2020

• bddisasm

  Forked from bitdefender/bddisasm

  bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
  C Apache-2.0 61 0 0 0 Updated Nov 6, 2020

• python-sandboxapi

  Minimal, consistent Python API for building integrations with malware sandboxes.

  python library sandbox api-client malware-analysis automated-analysis
  Python GPL-2.0 27 91 3 0 Updated Nov 5, 2020

• ThreatIngestor

  Extract and aggregate threat intelligence.

  ioc osint dfir threat-hunting malware-research misp threat-sharing
  Python GPL-2.0 81 399 13 0 Updated Nov 3, 2020

• ThreatKB

  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

  malware-research yara yara-rules yara-manager yara-signatures
  JavaScript GPL-2.0 12 55 44 (1 issue needs help) 1 Updated Oct 27, 2020

• iqui-ngx

  Angular CDK based, Bootstrap styled components library
  TypeScript MIT 0 2 0 4 Updated Oct 26, 2020

• awesome-yara

  A curated list of awesome YARA rules, tools, and people.

  ioc awesome awesome-list threat-hunting malware-analysis malware-research yara
  214 1,216 0 0 Updated Oct 21, 2020

• Macrome

  Forked from michaelweber/Macrome

  Excel Macro Document Reader/Writer for Red Teamers & Analysts
  C# MIT 32 0 0 0 Updated Oct 16, 2020

• python-inquestlabs

  A Pythonic interface and command line tool for interacting with the InQuest Labs API.
  Python GPL-2.0 2 10 0 0 Updated Oct 13, 2020

• slate

  Forked from slatedocs/slate

  Beautiful static documentation for your API
  SCSS Apache-2.0 19,789 0 0 0 Updated Oct 12, 2020

• yara-rules

  A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

  threat-hunting yara yara-rules yara-signatures
  Python MIT 34 186 1 0 Updated Sep 29, 2020

• SpuriousEmu

  Forked from ldbo/SpuriousEmu

  VBA analysis tools
  Python AGPL-3.0 1 0 0 0 Updated Aug 25, 2020

• omnibus

  The OSINT Omnibus (beta release)

  python security osint iocs security-automation threat-intelligence
  Python MIT 59 234 18 1 Updated Aug 18, 2020

• malware-samples

  A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net

  malware malware-analysis malware-research malware-samples
  AngelScript MIT 125 504 0 0 Updated Aug 3, 2020

• python-iocextract

  Defanged Indicator of Compromise (IOC) Extractor.

  ioc library osint base64 decoding dfir malware-research
  Python GPL-2.0 61 279 10 0 Updated Jul 9, 2020

• XLMMacroDeobfuscator

  Forked from DissectMalware/XLMMacroDeobfuscator

  Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
  Python Apache-2.0 36 1 0 0 Updated Jun 27, 2020

• inquest-labs

  DEPRECATED! See https://github.com/InQuest/python-inquestlabs
  Python MIT 0 0 0 0 Updated May 14, 2020

• ipython-notebooks

  A collection of iPython notebooks probably referenced from https://inquest.net/blog
  Jupyter Notebook MIT 0 0 0 0 Updated May 12, 2020

• pcodedmp

  Forked from bontchev/pcodedmp

  A VBA p-code disassembler
  Python GPL-3.0 60 0 0 0 Updated Feb 12, 2020

• OSINT-Framework

  Forked from lockfale/OSINT-Framework

  OSINT Framework
  JavaScript MIT 529 0 0 0 Updated Jan 23, 2020

• iqui-icons
  MIT 0 2 0 0 Updated Jan 13, 2020

• Cortex-Analyzers

  Forked from TheHive-Project/Cortex-Analyzers

  Cortex Analyzers Repository
  Python AGPL-3.0 228 0 0 0 Updated Nov 27, 2019

• pcode2code

  Forked from Big5-sec/pcode2code

  a vba pcode decompiler based on pcodedmp
  Python 15 0 0 0 Updated Nov 26, 2019

• splunk-inquest

  Splunk Addon for InQuest.
  Python GPL-2.0 0 2 0 0 Updated Oct 16, 2019

• python-threatkb

  Python library and command-line tool for InQuest ThreatKB. (pre-release)
  Python GPL-2.0 1 2 0 0 Updated Oct 16, 2019

• labs-experiments

  A collection of experiments overtop the InQuest Labs open data portal (https://labs.inquest.net).
  Python MIT 0 2 0 0 Updated Oct 14, 2019

• olefile

  Forked from decalage2/olefile

  olefile is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, vbaProject.bin in MS Office 2007+ files, Image Composer and FlashPix files, Outlook messages, StickyNotes, several Microscopy file fo…
  Python 59 1 0 0 Updated Oct 13, 2019

• VBASeismograph

  Forked from kirk-sayre-work/VBASeismograph

  A tool for detecting VBA stomping.
  Python MIT 12 0 0 0 Updated May 21, 2019

• file2pcap

  Forked from Cisco-Talos/file2pcap
  C GPL-2.0 28 2 0 0 Updated Mar 20, 2019

• DidierStevensSuite

  Forked from DidierStevens/DidierStevensSuite

  Please no pull requests for this repository. Thanks!
  YARA 241 0 0 0 Updated Feb 19, 2019