148 Open source projects that are alternatives of or similar to BlueCloud

Monitoring GitHub for sensitive data shared publicly

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/

Automate the creation of a lab environment complete with security tooling and logging best practices

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Provides various Windows Server Active Directory (AD) security-focused reports.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

🔮 Visibility Across Space and Time

Collaborative forensic timeline analysis

Invoke-LiveResponse

Live system forensic collector

Test Blue Team detections without running any attack.

VirusTotal Wanna Be - Now with 100% more Hipster

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Cortex Analyzers Repository

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Automate creating resilient, disposable, secure and agile monitoring infrastructure for Blue Teams.

Indicator Extractor

A knowledge base of actionable Incident Response techniques

A curated list of awesome forensic analysis tools and resources

CyTrONE: Integrated Cybersecurity Training Framework

A repository of sysmon configuration modules

Forensics artefact collection tool for systems running Microsoft Windows

Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies

Smart OSINT collection of common IOC types

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

Python script to decode common encoded PowerShell scripts

PS / Bash / Python / Other scripts For FUN!

Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.

Loki - Simple IOC and Incident Response Scanner

This is a python tool aiming to make using TheHive webhooks easier.

Python API Client for TheHive

DFIRTrack - The Incident Response Tracking Application

All-in-one bundle of MISP, TheHive and Cortex

Tools for the Computer Incident Response Team 💻

A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

A port of Kaitai to the Hiew hex editor

Query and report user logons relations from MS Windows Security Events

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

网络安全 · 攻防对抗 · 蓝队清单，中文版

Windows Events Attack Samples

Misc Threat Hunting Resources

Signature base for my scanner tools

A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.

Event Trace Log file parser in pure Python

A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

Automagically extract forensic timeline from volatile memory dump

See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)

Your Everyday Threat Intelligence

Everything related to Linux Forensics

Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.

Malcom - Malware Communications Analyzer

Open Source EDR for Windows

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

CIRCL system forensic tools or a jumble of tools to support forensic

Warning lists to inform users of MISP about potential false-positives or other information in indicators

Documentation for Zeek

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)