PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (+15.71%)
Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (-47.86%)
YAFRAYAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-84.29%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1410%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+159.29%)
MthcAll-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (-4.29%)
WatcherWatcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Stars: ✭ 324 (+131.43%)
GDPatrolA Lambda-powered Security Orchestration framework for AWS GuardDuty
Stars: ✭ 50 (-64.29%)
MindMaps#ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+60%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-25%)
ps-srum-huntingPowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting
Stars: ✭ 16 (-88.57%)
Threatbus🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (-0.71%)
SiemSIEM Tactics, Techiques, and Procedures
Stars: ✭ 157 (+12.14%)
PhishingkithunterFind phishing kits which use your brand/organization's files and image.
Stars: ✭ 177 (+26.43%)
Threat IntelArchive of publicly available threat INTel reports (mostly APT Reports but not limited to).
Stars: ✭ 252 (+80%)
siemstressVery basic CLI SIEM (Security Information and Event Management system).
Stars: ✭ 24 (-82.86%)
PowerGRRPowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.
Stars: ✭ 52 (-62.86%)
fastfinderIncident Response - Fast suspicious file finder
Stars: ✭ 116 (-17.14%)
Malware FeedBringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-50.71%)
Threat HuntingPersonal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (+56.43%)
rhqRecon Hunt Queries
Stars: ✭ 66 (-52.86%)
SyntheticSunSyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.
Stars: ✭ 49 (-65%)
DovehawkDovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Stars: ✭ 97 (-30.71%)
PatrowlhearsPatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-36.43%)
Threathunting SplSplunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (-16.43%)
TelerReal-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+791.43%)
malware-persistenceCollection of malware persistence and hunting information. Be a persistent persistence hunter!
Stars: ✭ 109 (-22.14%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (+6.43%)
Ee OutliersOpen-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (+22.86%)
Signature BaseSignature base for my scanner tools
Stars: ✭ 1,212 (+765.71%)
MihariA helper to run OSINT queries & manage results continuously
Stars: ✭ 239 (+70.71%)
Threathunter PlaybookA Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
Stars: ✭ 2,879 (+1956.43%)
BeagleBeagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+597.14%)
OsweepDon't Just Search OSINT. Sweep It.
Stars: ✭ 225 (+60.71%)
ir scriptsincident response scripts
Stars: ✭ 17 (-87.86%)
ThreathuntThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-34.29%)
SiacSIAC is an enterprise SIEM built on open-source technology.
Stars: ✭ 100 (-28.57%)
FclFCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Stars: ✭ 409 (+192.14%)
OrianaOriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
Stars: ✭ 152 (+8.57%)
Apt HunterAPT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
Stars: ✭ 297 (+112.14%)
WefflesBuild a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
Stars: ✭ 176 (+25.71%)
ScotSandia Cyber Omni Tracker (SCOT)
Stars: ✭ 206 (+47.14%)
LogESPOpen Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (+15.71%)
SWELFSimple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.
Stars: ✭ 23 (-83.57%)
ThePhishThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (+382.86%)
mail to mispConnect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Stars: ✭ 61 (-56.43%)
CCXDiggerThe CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (-67.86%)
introspectorA schema and set of tools for using SQL to query cloud infrastructure.
Stars: ✭ 61 (-56.43%)
evtx-hunterevtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (-12.86%)
SSHapendoesCapture passwords of login attempts on non-existent and disabled accounts.
Stars: ✭ 31 (-77.86%)
BesafeBeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you
Stars: ✭ 21 (-85%)
ThreatpinchlookupDocumentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (+83.57%)
Vast🔮 Visibility Across Space and Time
Stars: ✭ 227 (+62.14%)