AbuseCheck is a bulk IP reputation tool that queries the AbuseIPDB API to determine the risk level of IP addresses. It deduplicates inputs, skips internal addresses, and produces CSV/TXT reports plus a visual bar chart. API keys can be stored securely for repeat runs.
Collection of YARA rules and detection signatures for threat hunting and malware analysis. Includes rules for detecting malware families, attack techniques, and suspicious behaviors with a focus on minimizing false positives.
This space will soon feature other DFIR tools, security automation scripts, and open-source contributions. Stay tuned!