Airbus CERT

icon indicating an email [email protected]

Results 19 repositories owned by Airbus CERT

dnYara

33
Stars
10
Forks
Watchers

A multi-platform .Net wrapper library for the native Yara library.

verified publisher icon airbus-cert

etwbreaker

52
Stars
20
Forks
Watchers

An IDA plugin to deal with Event Tracing for Windows (ETW)

verified publisher icon airbus-cert

mispy

17
Stars
4
Forks
Watchers

Another MISP module for Python

verified publisher icon airbus-cert

PSTrace

39
Stars
8
Forks
Watchers

Trace ScriptBlock execution for powershell v2

verified publisher icon airbus-cert

Splunk-ETW

30
Stars
3
Forks
Watchers

A Splunk Technology Add-on to forward filtered ETW events.

verified publisher icon airbus-cert

timeliner

33
Stars
7
Forks
Watchers

A rewrite of mactime, a bodyfile reader

verified publisher icon airbus-cert

ttd2mdmp

25
Stars
1
Forks
Watchers

Extract data of TTD trace file to a minidump

verified publisher icon airbus-cert

vbSparkle

67
Stars
9
Forks
Watchers

VBScript & VBA source-to-source deobfuscator with partial-evaluation

verified publisher icon airbus-cert

yara-ttd

81
Stars
12
Forks
Watchers

Use YARA rules on Time Travel Debugging traces

verified publisher icon airbus-cert