inquest Goto Github PK

awesome-yara

A curated list of awesome YARA rules, tools, and people.

bddisasm

bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.

bincapz

enumerate binary capabilities, including malicious behaviors

binlex

A Binary Genetic Traits Lexer Framework

chepy

Chepy is a python lib/cli equivalent of the awesome CyberChef tool.

cortex-analyzers

Cortex Analyzers Repository

cyberchef-recipes

A list of cyber-chef recipes and curated links

didierstevenssuite

Please no pull requests for this repository. Thanks!

file2pcap

inquest-labs

DEPRECATED! See https://github.com/InQuest/python-inquestlabs

inquest-labs-community-rules

This repository houses a collection of community submitted YARA rules that run atop of labs.inquest.net

iocextract

Defanged Indicator of Compromise (IOC) Extractor.

ipython-notebooks

A collection of iPython notebooks probably referenced from https://inquest.net/blog

iq-cli

InQuest Platform v3 CLI and Python Library

iqui-icons

iqui-ngx

Angular CDK based, Bootstrap styled components library

labs-experiments

A collection of experiments overtop the InQuest Labs open data portal (https://labs.inquest.net).

macrome

Excel Macro Document Reader/Writer for Red Teamers & Analysts

malware-samples

A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net

malware_lure

Collection of Malware Lures

malwaresourcecode

Collection of malware source code for a variety of platforms in an array of different programming languages.

malwoverview

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.

microsoft-office-macro-clustering

msoffcrypto-tool

Python tool and library for decrypting MS Office files with passwords or other keys

olefile

olefile is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, vbaProject.bin in MS Office 2007+ files, Image Composer and FlashPix files, Outlook messages, StickyNotes, several Microscopy file formats, McAfee antivirus quarantine files, etc.

oletools

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

omnibus

The OSINT Omnibus (beta release)

osint-framework

OSINT Framework

packmypayload

A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX

pcode2code

a vba pcode decompiler based on pcodedmp