naufalnurfauzi97/malware-hunting

       .__                           
______ |  |__ _____     ____   ____  
\____ \|  |  \\__  \   / ___\_/ __ \ 
|  |_> >   Y  \/ __ \_/ /_/  >  ___/ 
|   __/|___|  (____  /\___  / \___  >
|__|        \/     \//_____/      \/ 

Twitter: @phage_nz
GitHub: phage-nz
Blog: https://phage.nz

https://github.com/phage-nz/malware-hunting

A collection of scripts and information for Malware Hunting.

Current Inventory

\honeypot

  • autoinstall.sh - automatic install script for Dionaea, DionaeaFR, Cowrie and p0f.
  • dionaea-housekeeper.sh - cron script used to archive select Dionaea output on a daily basis.
  • cowrie.init - init.d script for Cowrie.
  • cowrie.logrotate - logrotate.d script for Cowrie.
  • dionaea.init - init.d script for Dionaea.
  • dionaea.logrotate - logrotate.d script for Dionaea.
  • dionaeafr.init - init.d script for DionaeaFR.
  • dionaeafr.logrotate - logrotate.d script for DionaeaFR.
  • generate_user_db.py - script to generate a random target user database for the Dionaea mysql service.
  • p0f.init - init.d script for p0f.
  • readme.txt - notes for the installation of Dionaea, p0f and Cowrie.
  • wordlist.txt - required by generate_user_db.py for the generation of plausible usernames and email addresses.

\lokirun

  • run.ps1 - PowerShell script to automate the operation of Loki IOC scanner.

\honeypot-vagrant

  • \scripts - directory from which the Vagrantfile sources the bootstrap.sh autoinstall script.
  • aws.credentials - stores the AWS credentials used by the Vagrantfile.
  • readme.txt - notes for the installation of Dionaea, p0f and Cowrie via Vagrant in AWS.
  • Vagrantfile - the Vagrantfile for automatic deployment of a honeypot.
  • vagrant-plugin.patch - a patch to fix a bug that prevents the installation of the vagrant-aws plugin.

\malware-crawler

  • readme.txt - reference to ph0neutria.

\mhn

  • readme.md - A collection of notes on extending and troubleshooting MHN.

\sandbox

  • readme.md - A set of instructions to build hardened malware analysis VMs using VMCloak and FLARE VM.

\soc

  • \Cortex-Analyzers - Custom analyzers for Hive Project's Cortex.
  • \Graylog - Custom content packs for Graylog.

\spamtrap

  • readme.md - Instructions on setting up spam traps using Mail-in-a-Box and Shiva.

\t-pot

  • readme.md - Instructions on deploying T-Pot honeypot platform.

\volatility

  • autoinstall.sh - A script to automatically install Volatility, bulk_extractor and vshot by CrowdStrike.

\yeti

  • autoinstall.sh - A script to automatically install Yeti and custom plugins stored under \res.
