- San Francisco, CA
Stars
Malware/IOC ingestion and processing engine
A multi-platform binary whitelisting solution
Splunk code (SPL) for serious threat hunters and detection engineers.
Analyze the security of any domain by finding all the information possible. Made in Python.
A script to pull mobile app (Google Play and iOS App store) reviews into Slack.
APT & CyberCriminal Campaign Collection
An analytical framework for network traffic and behavioral analytics
Various snippets created during malware analysis
Various scripts for different malware families
Used for the development and testing of PCREs across suspected malicious URLs for identification.
Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds
Tool to gather Threat Intelligence indicators from publicly available sources
Dockerized REST service to look up URLs in Google Safe Browsing v4 API
go-audit is an alternative to the auditd daemon that ships with many distros
A Python module to bypass Cloudflare's anti-bot page.
A dumb set of scripts for building a cuckoo rig
Free ways to dive into machine learning with Python and Jupyter Notebook. Notebooks, courses, and other links. (First posted in 2016.)
An ipew-based map of a spreading cyber pathogen.
Python scripts to parse scans.io ssl data and ingest into elasticsearch for searching
Various public documents, white-papers, articles, data, analysis, and statistics about breaches and security trends.
Some results of my DGA reversing efforts
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation