This repository is the home to tools, configuration extractors, and other contributions to the infosec, threat hunting, malware researcher, and intelligence analysis community. At Elastic, we believe that being open and transparent is critical for the success of us and our users. Check out our blog post if you are interested in additional background.
Below you will find the sections we have opened in this repository:
| Folder | Description |
|---|---|
extractors/ |
Malware configuration extractors, organized by family |
indicators/ |
Research atomic indicators, organized by family |
nightMARE/ |
Malware reverse engineering and analysis library |
tools/ |
Tools released for community use |
If you would like you to provide feedback or contribute to this repository, please familiarize yourself with the applicable artifact’s readme and open an issue using one of the provided templates.
You can also reach us in our Slack Workspace or in the Security Discuss forum.
Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one or more contributor license agreements. Licensed under the Elastic License 2.0; you may not use these artifacts except in compliance with the Elastic License 2.0
Contributors must sign a Contributor License Agreement before contributing code to any Elastic repositories.