SANGPATI TECH

Incident Response

Spyre - Simple YARA-based IOC Scanner

byRefky -September 11, 2020

...a simple, self-contained modular host-based IOC scanner Spyre is a simple host-based IOC sca…

IRFuzz

IRFuzz - Simple Scanner with Yara Rule

byRefky -Agustus 10, 2020

IRFuzz is a simple scanner with yara rules for document archives or any files. Install 1. Prereq…

Binary

YARASAFE - Automatic Binary Function Similarity Checks with Yara

byRefky -Januari 23, 2020

SAFE is a tool developed to create Binary Functions Embedding developed by Massarelli L., Di Lu…

ExifTool

TuxResponse - Linux Incident Response

byRefky -Januari 10, 2020

TuxResponse is incident response script for linux systems written in bash. It can automate inci…

Analysis Framework

Multiscanner - Modular File Scanning/Analysis Framework

byRefky -Januari 06, 2020

MultiScanner is a file analysis framework that assists the user in evaluating a set of files b…

ARM64

RetDec - A Retargetable Machine-Code Decompiler Based On LLVM

byRefky -Desember 07, 2019

RetDec is a retargetable machine-code decompiler based on LLVM . The decompiler is not limited…

Api Hooks

CAPE - Malware Configuration And Payload Extraction

byRefky -Desember 03, 2019

CAPE is a malware sandbox. It is derived from Cuckoo and is designed to automate the process of …

Analysis

Noriben - Portable, Simple, Malware Analysis Sandbox

byRefky -Desember 23, 2016

Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automati…

Collection

ir-rescue - A Windows Batch Script To Comprehensively Collect Host Forensic Data

byRefky -Oktober 21, 2016

ir-rescue is a lightweight Windows Batch script that collects a myriad of forensi…