Droogy

<?xml version="1.0" encoding="UTF-8"?>
<opml version="2.0">
    <body>
        <outline text="All">
            <outline title="Hackers Online Club (HOC)" text="Hackers Online Club (HOC)" xmlUrl="https://blog.hackersonlineclub.com/feeds/posts/default" htmlUrl="https://blog.hackersonlineclub.com/" type="rss"></outline>
            <outline title="VMRay" text="VMRay" xmlUrl="https://www.vmray.com/feed/" htmlUrl="https://www.vmray.com/feed/" type="rss"></outline>
            <outline title="Blog" text="Blog" xmlUrl="https://www.cybereason.com/blog/rss.xml" htmlUrl="https://www.cybereason.com/blog" type="rss"></outline>
            <outline title="0patch Blog" text="0patch Blog" xmlUrl="https://blog.0patch.com/feeds/posts/default" htmlUrl="https://blog.0patch.com/" type="rss"></outline>
            <outline title="360 Netlab Blog - Network Security Research Lab at 360" text="360 Netlab Blog - Network Security Research Lab at 360" xmlUrl="https://blog.netlab.360.com/rss/" htmlUrl="https://blog.netlab.360.com/" typ

Droogy

# extract attachments and URLs (from e-mail body) from Outlook .eml files
# 
# 1. dump all mail samples into folder called Mail/
# 2. create empty folder "Attachments/" 
# 3. run tool from root of both folders

import os
import re
from independentsoft.msg import Message

Droogy

#!/usr/bin/env python3

import requests
import pandas as pd

df = pd.read_csv("https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/C2_configs/cobaltstrike.csv", usecols=["FirstSeen", "ip"])
df.drop_duplicates(subset="ip").to_csv("C2_masterlist.csv", index=False)

Droogy

import "pe"
import "hash"
import "math"
import "time"

rule Gootloader_container {
   meta:
      description = "Gootloader Dropper Container"    
      author = "Droogy"