Rastrea2r: Collecting & Hunting for IOCs with gusto and style
Siem: SIEM Tactics, Techniques, and Procedures
Graylog Plugin Threatintel: Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
Docbleach: 🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software
Rita: Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Teler: Real-time HTTP Intrusion Detection
Vulnerability Data Archive: With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Aptmap: A map displaying threat actors from the misp-galaxy
Vfeed: The Correlated CVE Vulnerability And Threat Intelligence Database API
Threatpursuit Vm: Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting, designed for intel and malware analysts as well as threat hunters to get up and running quickly.
Intelmq: IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Skyark: SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Pytm: A Pythonic framework for threat modeling
Icewater: 16,432 Free Yara rules created by
Meerkat: A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
WELA: WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
hayabusa: Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
SysmonResources: Consolidation of various resources related to Microsoft Sysmon & sample data/logs
build-inspector: Inspect your builds to look for changes in filesystem, network traffic and running processes.