Stalkphish: StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Spiderfoot: SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
freki: 🐺 Malware analysis platform
SyntheticSun: SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and serverless technologies to continuously prevent, detect and respond to threats.
pybinaryedge: Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/
rstthreats: Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.
DaProfiler: DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses of your target.
pyc2bytecode: A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled Python bytecode (.pyc) files across all Python versions (including Python 3.10.*)
ayashige: Ayashige provides a list of suspicious newly updated domains as a JSON feed
attckr: ⚔️ MITRE ATT&CK Machinations in R
OSINT-Brazuca: Repository created to gather information, sources (websites/portals) and OSINT tricks within the Brazilian context.
IronNetTR: Threat research and reporting from IronNet's Threat Research Teams
YAFRA: YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
misp-takedown: A curses-style interface for automatic takedown notification based on MISP events.
TwiTi: This is a project of "#Twiti: Social Listening for Threat Intelligence" (TheWebConf 2021)
Scrummage: The Ultimate OSINT and Threat Hunting Framework
FireHOL-IP-Aggregator: Application for keeping feeds from FireHOL https://github.com/firehol/blocklist-ipsets with IP address appearance history. An HTTP-based API service is provided for search requests.
sqhunter: A simple threat hunting tool based on osquery, Salt Open and Cymon API
MindMaps: #ThreatHunting #DFIR #Malware #Detection Mind Maps
Phishruffus: Intelligent threat hunter and phishing servers
MurMurHash: This little tool calculates the MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
SSHapendoes: Capture passwords of login attempts on non-existent and disabled accounts.
malware-persistence: Collection of malware persistence and hunting information. Be a persistent persistence hunter!
intelligence-icons: intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; including but not limited to CTI, MISP Threat Sharing, STIX 2.
threat-intel: Signatures and IoCs from public Volexity blog posts.
ThePhish: ThePhish: an automated phishing email analysis tool
d4-core: D4 core software (server and sample sensor client)
mail to misp: Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
CCXDigger: The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.