Canadian Centre for Cyber Security
Stars
Elevate your Security Operations Center's efficiency with Howler, the cutting-edge alert triage platform tailored for today's SOC demands.
AssemblyLine 4: File triage and malware analysis
A spark datasource implementation for the msgpack file format
Assemblyline 4 Malware Configuration Extractor service
Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
CybercentreCanada / assemblyline-service-unpacme
Forked from jershmagersh/assemblyline-service-unpacme. This Assemblyline service submits PE32 binaries to the unpac.me API and provides the results.
A JupyterLab extension providing a SQL formatter, auto-completion and syntax highlighting, with Spark SQL and Trino support
[DEPRECATED] Windows helpers for GnuPG tools suite
kirk-sayre-work / ViperMonkey
Forked from decalage2/ViperMonkey. A VBA parser and emulation engine to analyze malicious macros.
A VBA parser and emulation engine to analyze malicious macros.
Sandbox for semi-automatic JavaScript malware analysis, deobfuscation and payload extraction. Written for Node.js
A tool for studying JavaScript malware.
Assemblyline 4 (File triage and malware analysis platform) Helm charts for cluster and appliance.
Documentation that simply works
Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups
Malware Configuration Extraction Modules
Assemblyline 4 service that extracts malware family and details from AV labels
A proof-of-concept malware behaviour clustering system backed by a genetic algorithm.
Azure AD B2C custom policy solutions and samples.
A Fast (and safe) parser for the Windows XML Event Log (EVTX) format
[Does not work anymore!] Script to enable systemd support on current Ubuntu WSL2 images
A toolkit for embedding VPN capabilities in your application
A quick way into a systemd "bottle" for WSL