152 Open source projects that are alternatives of or similar to Bearded Avenger

Sysmon configuration file template with default high-quality event tracing

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

PatrowlHears - Vulnerability Intelligence Center / Exploits

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

recon-ng modules for Censys

Threat research and reporting from IronNet's Threat Research Teams

Utilities for Sysmon

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Extract and aggregate threat intelligence.

the fastest way to consume threat intelligence.

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

Tracking APT IOCs

🚌 The missing link to connect open-source threat intelligence tools.

Your Everyday Threat Intelligence

Python bindings for Yeti's API

A simple threat hunting tool based on osquery, Salt Open and Cymon API

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Bringing you the best of the worst files on the Internet.

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Imports Alienvault OTX pulses to a MISP instance

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

All-in-one bundle of MISP, TheHive and Cortex

Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings

A scanner for taking basic fingerprints

TAXII client implementation from EclecticIQ

A toolkit for Security Researchers

Real-time Packet Observation Tool

A curated list of awesome YARA rules, tools, and people.

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

Domain name permutation engine written in Go

The Correlated CVE Vulnerability And Threat Intelligence Database API

This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.

Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

An Active Defense and EDR software to empower Blue Teams

CLI tool for open source and threat intelligence

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

internet monitoring osint telegram bot for windows

🔍 Mindmaps for threat hunting - work in progress.

A Linux Auditd rule set mapped to MITRE's Attack Framework

Powerful plugins and add-ons for hackers

Real-time HTTP Intrusion Detection

Kaspersky's GReAT KLara

Splunk code (SPL) useful for serious threat hunters.

Windows Events Attack Samples

FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

Phishing catcher using Certstream

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

A dashboard for a real-time overview of threat intelligence from MISP instances

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

A repository of sysmon configuration modules