A lib for measuring ACE based IDR operations.
Enterprise asset tracking by hostname for rouge device detection.
IP inspector is an IPv4 and IPv6 address metadata enricher and tracking tool. Use it on the command line and leverage it as a library.
Python client library and command line tool for the [Falcon Sandbox API](https://www.crowdstrike.com/products/threat-intelligence/falcon-sandbox-malware-analysis/).
Library to find URLs and check their validity.
command line tool for interfacing with multiple carbonblack environments to perform analysis and live response functions
Redis for Humans.
Python library and command line tool hunting in ACE ecosystems.
A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara.
Analysis Correlation Engine (ACE) API Python Bindings.
A python module for Chaining of Proxies
Python library and command line tool for interacting with the ThreatFox API provided by abuse.ch.
Library and CLI tool for Any Run (any.run) malware sandbox api.
Libraries and utilities for controling and working with Live Endpoint Response Clients.
Library that interacts with SIP to build an indicator whitelist system.
A library and cli tool for interfacing with Microsoft's Graph API.
Python library and command line tool for removing/restoring emails in office365/Exchange using EWS API
This is a simple python client wrapper for the [gglsbl-rest](https://github.com/mlsecproject/gglsbl-rest) service.
A simple utility for converting files that describe malware infections into remediation scripts that can clean up infections using native OS tools.
A thin wrapper around requests to interact with the Simple Intel Platform (SIP).
Python tool and library for decrypting encrypted MS Office files with a password
Library that interacts with CRITS to build an indicator whitelist system.
Library to interface with the CRITs API and raw MongoDB
A python script that parses the format of OLE compound documents used by Microsoft Office applications.
A simple library to work with a local instance of VxStream.
A simple library for performing splunk search automation.