Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+12807.41%)
pyeti: Python bindings for Yeti's API
Stars: ✭ 15 (-44.44%)
Threatbus: 🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (+414.81%)
Threatpinchlookup: Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (+851.85%)
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+7729.63%)
ioc-fanger: Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space
Stars: ✭ 47 (+74.07%)
OSINT-Brazuca: Repository created to gather OSINT information, sources (websites/portals) and tricks within the Brazilian context.
Stars: ✭ 508 (+1781.48%)
Malware Feed: Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (+155.56%)
mail to misp: Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Stars: ✭ 61 (+125.93%)
sqhunter: A simple threat hunting tool based on osquery, Salt Open and Cymon API
Stars: ✭ 64 (+137.04%)
Stalkphish: StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (+848.15%)
Sysmon Config: Sysmon configuration file template with default high-quality event tracing
Stars: ✭ 3,287 (+12074.07%)
pybinaryedge: Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/
Stars: ✭ 16 (-40.74%)
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (+229.63%)
Cowrie: Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
Stars: ✭ 3,810 (+14011.11%)
Sysmontools: Utilities for Sysmon
Stars: ✭ 903 (+3244.44%)
IronNetTR: Threat research and reporting from IronNet's Threat Research Teams
Stars: ✭ 36 (+33.33%)
Yeti: Your Everyday Threat Intelligence
Stars: ✭ 1,037 (+3740.74%)
YAFRA: YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-18.52%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+1525.93%)
Bearded Avenger: CIF v3 -- the fastest way to consume threat intelligence
Stars: ✭ 152 (+462.96%)
Opensquat: Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (+451.85%)
Osweep: Don't Just Search OSINT. Sweep It.
Stars: ✭ 225 (+733.33%)
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (+711.11%)
Mthc: All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (+396.3%)
utilities: This repository contains tools used by 401trg.
Stars: ✭ 19 (-29.63%)
Werdlists: ⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
Stars: ✭ 216 (+700%)
Threathunting Spl: Splunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (+333.33%)
Malware-Zoo: Hashes of infamous malware
Stars: ✭ 18 (-33.33%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+144.44%)
Yara Rules: A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Stars: ✭ 206 (+662.96%)
Patrowldocs: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (+288.89%)
Slides: Misc Threat Hunting Resources
Stars: ✭ 203 (+651.85%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+5062.96%)
Dovehawk: Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Stars: ✭ 97 (+259.26%)
Adaz: 🔧 Automatically deploy customizable Active Directory labs in Azure
Stars: ✭ 197 (+629.63%)
Detections: This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.
Stars: ✭ 95 (+251.85%)
Whids: Open Source EDR for Windows
Stars: ✭ 188 (+596.3%)
Threathunt: ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (+240.74%)
SysmonResources: Consolidation of various resources related to Microsoft Sysmon & sample data/log
Stars: ✭ 64 (+137.04%)
Hunting Mindmaps: 🔍 Mindmaps for threat hunting - work in progress.
Stars: ✭ 86 (+218.52%)
Weffles: Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
Stars: ✭ 176 (+551.85%)
Teler: Real-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+4522.22%)
Phishingkithunter: Find phishing kits which use your brand/organization's files and image.
Stars: ✭ 177 (+555.56%)
Sysmon Modular: A repository of sysmon configuration modules
Stars: ✭ 1,229 (+4451.85%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+4388.89%)
evtx-hunter: evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (+351.85%)
Pcap Attack: PCAP Samples for Different Post Exploitation Techniques
Stars: ✭ 175 (+548.15%)
Ioc Explorer: Explore Indicators of Compromise Automatically
Stars: ✭ 73 (+170.37%)
Ee Outliers: Open-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (+537.04%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (+40.74%)