735 Open source projects that are alternatives of or similar to Abused-Legitimate-Services

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

STIX data representing MITRE ATT&CK

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

ATT&CK Evaluations website (DEPRECATED)

MITRE Shield website

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

A python module for working with ATT&CK

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

ThePhish: an automated phishing email analysis tool

stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats according to the STIX language for intelligence exchange, defined by OASIS Cyber Threat Intelligence (CTI) TC

OpenCTI Python Client

CyCAT.org API back-end server including crawlers

OASIS TC Open Repository: Non-normative schemas and examples for STIX 2

OASIS TC Open Repository: Validate patterns used to express cyber observable content in STIX Indicators

The principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.

Curated list of awesome cybersecurity companies and solutions.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Authors

A multi-layered and multi-tiered Machine Learning security solution, it supports always on detection system, Django REST framework used, equipped with a web-browser extension that uses a REST API call.

The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

一款适用于红蓝对抗中的仿真钓鱼系统

Let's track phishing kits to give to research community raw material to study !

OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/cti-stix-generator

Malware similarity platform with modularity in mind.

Collecting IOCs posted on Twitter

Malware Machine Learning

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON

Bringing you the best of the worst files on the Internet.

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.

Information gathering & website reconnaissance | https://phishstats.info/

A curated list of amazingly awesome Cybersecurity datasets

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

OpenCTI connectors

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

A Python DNS crawler to find identical domain names under different TLDs.

Hashes of infamous malware

VirusTotal Wanna Be - Now with 100% more Hipster

Malware Sample Sources

Who and what to follow in the world of cyber security

Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malwares.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

A Python RESTful API framework for online malware analysis and threat intelligence services.

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..

A curated list of awesome resources related to executable packing

Code repository for the paper "Adversarial Deep Learning for Robust Detection of Binary Encoded Malware"

This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.

phishEye is an ultimate phishing tool in python. Includes popular websites like Facebook, Twitter, Instagram, LinkedIn, GitHub, Dropbox, and many others. Created with Flask, custom templates, and tunneled with ngrok and localhost.run.

Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).

Malice Windows Defender AntiVirus Plugin

An open source script to perform malware static analysis on Portable Executable

Malware samples, analysis exercises and other interesting resources.

Ethical Hacking Toolkit is a collection of tools, cheat sheets, and resources for Ethical hackers, Penetration Tester, and Security Researchers etc. It contains almost all tools mentioned in CEH, OSCP, eCPPT and PNPT

Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module

A simple auditing utility for macOS