Sysmon Config: Sysmon configuration file template with default high-quality event tracing
Stars: ✭ 3,287 (+2062.5%)
pybinaryedge: Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/
Stars: ✭ 16 (-89.47%)
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-41.45%)
YAFRA: YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-85.53%)
IronNetTR: Threat research and reporting from IronNet's Threat Research Teams
Stars: ✭ 36 (-76.32%)
Sysmontools: Utilities for Sysmon
Stars: ✭ 903 (+494.08%)
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1290.79%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+188.82%)
csirtg-smrt-v1: The fastest way to consume threat intelligence.
Stars: ✭ 27 (-82.24%)
mail to misp: Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Stars: ✭ 61 (-59.87%)
Stalkphish: StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (+68.42%)
Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+2192.76%)
OSINT-Brazuca: Repository created to gather information, sources (websites/portals) and OSINT tricks within the Brazilian context.
Stars: ✭ 508 (+234.21%)
Threatbus: 🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (-8.55%)
Yeti: Your Everyday Threat Intelligence
Stars: ✭ 1,037 (+582.24%)
pyeti: Python bindings for Yeti's API
Stars: ✭ 15 (-90.13%)
sqhunter: A simple threat hunting tool based on osquery, Salt Open and Cymon API
Stars: ✭ 64 (-57.89%)
Threatpinchlookup: Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (+69.08%)
Malware Feed: Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-54.61%)
Vulnerability Data Archive: With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (-58.55%)
Patrowldocs: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-30.92%)
Otx misp: Imports Alienvault OTX pulses to a MISP instance
Stars: ✭ 45 (-70.39%)
Beagle: Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+542.11%)
Mthc: All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (-11.84%)
Dovehawk: Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Stars: ✭ 97 (-36.18%)
Apullo: A scanner for taking basic fingerprints
Stars: ✭ 22 (-85.53%)
Cabby: TAXII client implementation from EclecticIQ
Stars: ✭ 69 (-54.61%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-75%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+817.11%)
Besafe: BeSafe is a robust threat analyzer which helps to protect your desktop environment and know what's happening around you
Stars: ✭ 21 (-86.18%)
Dnsmorph: Domain name permutation engine written in Go
Stars: ✭ 148 (-2.63%)
Vfeed: The Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+443.42%)
Detections: This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
Stars: ✭ 95 (-37.5%)
Graylog Plugin Threatintel: Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
Stars: ✭ 132 (-13.16%)
Threathunting: A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+385.53%)
Threathunt: ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-39.47%)
Bluespawn: An Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (+384.87%)
Harpoon: CLI tool for open source and threat intelligence
Stars: ✭ 679 (+346.71%)
Sentinel Attack: Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+344.74%)
Opensquat: Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-1.97%)
Spiderfoot: SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+4427.63%)
Chatter: Internet monitoring OSINT Telegram bot for Windows
Stars: ✭ 123 (-19.08%)
Hunting Mindmaps: 🔍 Mindmaps for threat hunting - work in progress.
Stars: ✭ 86 (-43.42%)
Auditd Attack: A Linux Auditd rule set mapped to MITRE's Attack Framework
Stars: ✭ 642 (+322.37%)
Powerful Plugins: Powerful plugins and add-ons for hackers
Stars: ✭ 621 (+308.55%)
Teler: Real-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+721.05%)
Klara: Kaspersky's GReAT KLara
Stars: ✭ 565 (+271.71%)
Threathunting Spl: Splunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (-23.03%)
Fatt: FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
Stars: ✭ 490 (+222.37%)
Fcl: FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Stars: ✭ 409 (+169.08%)
Patrowlmanager: PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+138.82%)
Cowrie: Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
Stars: ✭ 3,810 (+2406.58%)
Misp Dashboard: A dashboard for a real-time overview of threat intelligence from MISP instances
Stars: ✭ 142 (-6.58%)
Sysmon Modular: A repository of Sysmon configuration modules
Stars: ✭ 1,229 (+708.55%)