CabbyTAXII client implementation from EclecticIQ
Stars: ✭ 69 (-54.61%)
PymispPython library using the MISP Rest API
Stars: ✭ 254 (+67.11%)
Threat-Intel-Slack-BotInteractive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack
Stars: ✭ 26 (-82.89%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+138.82%)
MindMaps#ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+47.37%)
rhqRecon Hunt Queries
Stars: ✭ 66 (-56.58%)
RpotReal-time Packet Observation Tool
Stars: ✭ 38 (-75%)
Awesome YaraA curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+817.11%)
rstthreatsAggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.
Stars: ✭ 17 (-88.82%)
BesafeBeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you
Stars: ✭ 21 (-86.18%)
DnsmorphDomain name permutation engine written in Go
Stars: ✭ 148 (-2.63%)
Sysmon ModularA repository of sysmon configuration modules
Stars: ✭ 1,229 (+708.55%)
WatcherWatcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Stars: ✭ 324 (+113.16%)
SIGMA-detection-rulesSet of SIGMA rules (>250) mapped to MITRE Att@k tactic and techniques
Stars: ✭ 97 (-36.18%)
fastfinderIncident Response - Fast suspicious file finder
Stars: ✭ 116 (-23.68%)
ThreathuntingA Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+385.53%)
Vendor-Threat-Triage-LookupLookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.
Stars: ✭ 17 (-88.82%)
Graylog Plugin ThreatintelGraylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
Stars: ✭ 132 (-13.16%)
HarpoonCLI tool for open source and threat intelligence
Stars: ✭ 679 (+346.71%)
detection-rulesThreat Detection & Anomaly Detection rules for popular open-source components
Stars: ✭ 34 (-77.63%)
SSHapendoesCapture passwords of login attempts on non-existent and disabled accounts.
Stars: ✭ 31 (-79.61%)
S2ANS2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
Stars: ✭ 70 (-53.95%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+4427.63%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-1.97%)
Python IocextractDefanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (+97.37%)
cif-v5The FASTEST way to consume threat intel.
Stars: ✭ 53 (-65.13%)
kestrel-langKestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
Stars: ✭ 165 (+8.55%)
Powerful PluginsPowerful plugins and add-ons for hackers
Stars: ✭ 621 (+308.55%)
MimirOSINT Threat Intel Interface - CLI for HoneyDB
Stars: ✭ 104 (-31.58%)
TelerReal-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+721.05%)
FattFATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
Stars: ✭ 490 (+222.37%)
Threathunting SplSplunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (-23.03%)
ETWNetMonv3ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
Stars: ✭ 32 (-78.95%)
FclFCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Stars: ✭ 409 (+169.08%)
PowerGRRPowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.
Stars: ✭ 52 (-65.79%)
CowrieCowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
Stars: ✭ 3,810 (+2406.58%)
Awesome CybersecurityCurated list of awesome cybersecurity companies and solutions.
Stars: ✭ 77 (-49.34%)
MeerkatA collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
Stars: ✭ 284 (+86.84%)
ps-srum-huntingPowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting
Stars: ✭ 16 (-89.47%)
Misp DashboardA dashboard for a real-time overview of threat intelligence from MISP instances
Stars: ✭ 142 (-6.58%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-48.03%)
ELK-HuntingThreat Hunting with ELK Workshop (InfoSecWorld 2017)
Stars: ✭ 58 (-61.84%)
Signature BaseSignature base for my scanner tools
Stars: ✭ 1,212 (+697.37%)
malware-persistenceCollection of malware persistence and hunting information. Be a persistent persistence hunter!
Stars: ✭ 109 (-28.29%)
Apt HunterAPT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
Stars: ✭ 297 (+95.39%)
Misp GalaxyClusters and elements to attach to MISP events or attributes (like threat actors)
Stars: ✭ 276 (+81.58%)
Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (-51.97%)
DetectionlabelkDetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
Stars: ✭ 273 (+79.61%)
OrianaOriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
Stars: ✭ 152 (+0%)
HippocampeThreat Feed Aggregation, Made Easy
Stars: ✭ 149 (-1.97%)
ForagerMultithreaded threat Intelligence gathering built with Python3
Stars: ✭ 140 (-7.89%)
OpentaxiiTAXII server implementation in Python from EclecticIQ
Stars: ✭ 112 (-26.32%)