{"payload":{"pageCount":4,"repositories":[{"type":"Public","name":"gocrack-ui","owner":"mandiant","isFork":false,"description":"The User Interface for GoCrack","allTopics":["fireeye-flare"],"primaryLanguage":{"name":"Vue","color":"#41b883"},"pullRequestCount":31,"issueCount":0,"starsCount":83,"forksCount":52,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-28T07:14:05.515Z"}},{"type":"Public","name":"VM-Packages","owner":"mandiant","isFork":false,"description":"Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.","allTopics":["reverse-engineering","malware-analysis","chocolatey-packages","flare"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":8,"issueCount":85,"starsCount":132,"forksCount":62,"license":"Apache License 2.0","participation":[8,4,7,12,13,18,15,34,17,7,17,13,10,7,26,20,33,8,10,19,30,17,8,11,27,24,40,9,0,7,20,9,31,26,24,15,11,22,17,9,15,24,3,2,2,2,3,4,0,5,1,30],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-28T04:32:08.494Z"}},{"type":"Public","name":"flare-vm","owner":"mandiant","isFork":false,"description":"A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.","allTopics":["reverse-engineering","malware-analysis","flare"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":2,"issueCount":14,"starsCount":6309,"forksCount":895,"license":"Apache License 2.0","participation":[0,0,1,1,7,8,12,4,0,0,3,2,13,1,2,5,3,0,1,1,4,1,0,1,5,0,5,0,0,2,1,3,1,5,0,0,4,2,4,2,0,0,0,1,0,2,0,0,0,1,2,4],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-28T04:23:50.587Z"}},{"type":"Public","name":"capa","owner":"mandiant","isFork":false,"description":"The FLARE team's open-source tool to identify capabilities in executable files.","allTopics":["reverse-engineering","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":10,"issueCount":203,"starsCount":4064,"forksCount":512,"license":"Apache License 2.0","participation":[24,4,4,11,15,19,43,57,5,21,20,13,20,19,5,13,1,4,14,7,19,7,21,5,13,16,10,4,2,11,1,4,4,7,14,14,5,6,10,21,16,42,19,19,2,22,42,40,42,45,49,45],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-27T15:16:41.192Z"}},{"type":"Public","name":"capa-testfiles","owner":"mandiant","isFork":false,"description":"Data to test capa's code and rules.","allTopics":[],"primaryLanguage":{"name":"Max","color":"#c4a79c"},"pullRequestCount":5,"issueCount":0,"starsCount":38,"forksCount":64,"license":"Apache License 2.0","participation":[1,0,1,1,0,0,2,2,0,0,1,2,0,1,0,0,0,0,4,1,0,0,1,0,0,0,2,1,0,1,0,8,0,4,0,1,0,0,2,7,3,5,0,1,0,0,2,0,1,13,3,2],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-26T10:30:40.691Z"}},{"type":"Public","name":"dncil","owner":"mandiant","isFork":false,"description":"The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":6,"issueCount":2,"starsCount":135,"forksCount":14,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,4,0,0,3,0,0,0,0,0,0,3,0,0,3,2,0,0,2,0,3,0,0,1,0,0,0,4,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-26T09:26:42.933Z"}},{"type":"Public","name":"macos-UnifiedLogs","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Rust","color":"#dea584"},"pullRequestCount":2,"issueCount":6,"starsCount":202,"forksCount":16,"license":"Apache License 2.0","participation":[0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,3,1,6,0,0,0,0,0,5,1,0,0,0,0,0,0,0,1,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-25T19:59:29.816Z"}},{"type":"Public","name":"capa-rules","owner":"mandiant","isFork":false,"description":"Standard collection of rules for capa: the tool for enumerating the capabilities of programs","allTopics":[],"primaryLanguage":null,"pullRequestCount":5,"issueCount":85,"starsCount":514,"forksCount":157,"license":"Apache License 2.0","participation":[3,2,1,0,2,20,11,2,5,0,5,11,8,9,5,5,0,0,3,3,9,0,2,0,2,9,4,0,0,0,0,0,0,4,2,2,0,1,2,7,3,2,0,0,0,0,0,0,5,2,7,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-20T18:15:17.950Z"}},{"type":"Public","name":"GoReSym","owner":"mandiant","isFork":false,"description":"Go symbol recovery tool","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":4,"issueCount":8,"starsCount":536,"forksCount":64,"license":"MIT License","participation":[0,0,1,2,0,10,6,0,0,0,2,0,4,0,0,0,0,0,0,0,0,0,0,6,0,1,0,0,0,0,0,0,2,0,0,2,0,0,0,1,7,0,0,0,0,0,0,0,1,0,5,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-19T16:29:48.020Z"}},{"type":"Public","name":"GeoLogonalyzer","owner":"mandiant","isFork":false,"description":"GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":4,"issueCount":5,"starsCount":194,"forksCount":59,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,1,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-12T13:38:22.591Z"}},{"type":"Public","name":"ADFSpoof","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":3,"issueCount":2,"starsCount":346,"forksCount":57,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-12T08:13:42.909Z"}},{"type":"Public","name":"flare-floss","owner":"mandiant","isFork":false,"description":"FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.","allTopics":["strings","deobfuscation","flare","gsoc-2024","malware","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":11,"issueCount":91,"starsCount":3147,"forksCount":445,"license":"Apache License 2.0","participation":[9,2,3,1,1,0,9,5,2,0,22,6,4,6,16,1,2,0,13,0,0,3,0,0,0,1,1,5,13,11,0,0,12,3,11,1,0,1,1,7,9,7,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-05T14:40:41.973Z"}},{"type":"Public","name":"commando-vm","owner":"mandiant","isFork":false,"description":"Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com","allTopics":["penetration-testing","red-teaming","fireeye-flare","windows"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":2,"issueCount":5,"starsCount":6868,"forksCount":1278,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-03T03:16:59.571Z"}},{"type":"Public","name":"Vulnerability-Disclosures","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":183,"forksCount":60,"license":null,"participation":[0,2,3,0,0,0,0,0,2,0,5,0,0,0,0,1,2,0,0,2,0,0,4,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-30T21:15:15.021Z"}},{"type":"Public","name":"gootloader","owner":"mandiant","isFork":false,"description":"Collection of scripts used to deobfuscate GOOTLOADER malware samples.","allTopics":["deobfuscation","gootloader"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":1,"starsCount":51,"forksCount":7,"license":"Apache License 2.0","participation":[0,0,0,0,5,3,0,4,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-26T19:03:33.624Z"}},{"type":"Public","name":"shelidate","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":0,"starsCount":2,"forksCount":0,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-23T04:42:00.693Z"}},{"type":"Public","name":"STrace","owner":"mandiant","isFork":false,"description":"A DTrace on Windows Reimplementation","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":3,"issueCount":5,"starsCount":315,"forksCount":44,"license":"MIT License","participation":[0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-22T18:08:23.641Z"}},{"type":"Public","name":"stringsifter","owner":"mandiant","isFork":false,"description":"A machine learning tool that ranks strings based on their relevance for malware analysis.","allTopics":["machine-learning","strings","reverse-engineering","learning-to-rank","fireeye-flare","fireeye-data-science","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":2,"issueCount":5,"starsCount":672,"forksCount":124,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-15T18:27:12.004Z"}},{"type":"Public","name":"flare-ida","owner":"mandiant","isFork":false,"description":"IDA Pro utilities from FLARE team","allTopics":["reverse-engineering","ida-pro","ida-plugin","idapython","fireeye-flare","ida"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":3,"issueCount":22,"starsCount":2184,"forksCount":465,"license":"Apache License 2.0","participation":[0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-09T17:07:53.755Z"}},{"type":"Public","name":"gocrack","owner":"mandiant","isFork":false,"description":"GoCrack is a management frontend for password cracking tools written in Go","allTopics":["fireeye-flare"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":8,"issueCount":18,"starsCount":1111,"forksCount":240,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-05T21:32:20.468Z"}},{"type":"Public","name":"PwnAuth","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":10,"issueCount":2,"starsCount":362,"forksCount":89,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-26T19:42:32.570Z"}},{"type":"Public","name":"flare-fakenet-ng","owner":"mandiant","isFork":false,"description":"FakeNet-NG - Next Generation Dynamic Network Analysis Tool","allTopics":["traffic-redirection","fakenet-ng","mandiant-flare","gsoc-2024","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":21,"issueCount":58,"starsCount":1757,"forksCount":356,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-01T05:09:02.110Z"}},{"type":"Public","name":"Ghidrathon","owner":"mandiant","isFork":false,"description":"The FLARE team's open-source extension to add Python 3 scripting to Ghidra.","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"Java","color":"#b07219"},"pullRequestCount":2,"issueCount":16,"starsCount":685,"forksCount":54,"license":"Apache License 2.0","participation":[1,2,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,6,7,0,0,2,0,0,0,0,0,1,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-08T19:29:24.034Z"}},{"type":"Public","name":"speakeasy","owner":"mandiant","isFork":false,"description":"Windows kernel and user mode emulation.","allTopics":["emulation","gsoc-2023","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":3,"issueCount":36,"starsCount":1462,"forksCount":226,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-12T05:04:33.443Z"}},{"type":"Public","name":"gocat","owner":"mandiant","isFork":false,"description":"Provides access to libhashcat","allTopics":["fireeye-flare"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":4,"issueCount":1,"starsCount":29,"forksCount":23,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-06T11:45:39.931Z"}},{"type":"Public","name":"ccmpwn","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":174,"forksCount":21,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-26T20:51:27.562Z"}},{"type":"Public","name":"red_team_tool_countermeasures","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"YARA","color":"#220000"},"pullRequestCount":1,"issueCount":2,"starsCount":2642,"forksCount":846,"license":"BSD 2-Clause \"Simplified\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-05T10:19:46.866Z"}},{"type":"Public","name":"flare-gsoc-2024","owner":"mandiant","isFork":false,"description":"Supporting resources and documentation for FLARE @ Google Summer of Code 2024","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":15,"forksCount":1,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-02-12T16:36:17.283Z"}},{"type":"Public","name":"flare-floss-testfiles","owner":"mandiant","isFork":false,"description":"Resources for testing FLOSS by the FLARE team.","allTopics":[],"primaryLanguage":{"name":"C","color":"#555555"},"pullRequestCount":0,"issueCount":0,"starsCount":6,"forksCount":19,"license":null,"participation":[0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-02-05T09:33:52.197Z"}},{"type":"Public","name":"citrix-ioc-scanner-cve-2023-3519","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Shell","color":"#89e051"},"pullRequestCount":0,"issueCount":4,"starsCount":65,"forksCount":3,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-09-01T19:14:30.147Z"}}],"repositoryCount":93,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"mandiant repositories"}