142 Open source projects that are alternatives of or similar to Elemental

Mapping NSM rules to MITRE ATT&CK

⚔️MITRE ATT&CK Machinations in R

CyCAT.org API back-end server including crawlers

OpenCTI connectors

Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

A repository of sysmon configuration modules

Detecting ATT&CK techniques & tactics for Linux

Authors

ioc2rpz is a place where threat intelligence meets DNS.

Monitor certificates generated for specific domain strings and associated, store data into sqlite3 database, alert you when sites come online.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings

Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

Windows Events Attack Samples

Domain name permutation engine written in Go

Explore Indicators of Compromise Automatically

Test Blue Team detections without running any attack.

Malware Analysis, Threat Intelligence and Reverse Engineering: LABS

🚌 The missing link to connect open-source threat intelligence tools.

Tool to predict attacker groups from the techniques and software used

Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulation.

Warning lists to inform users of MISP about potential false-positives or other information in indicators

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

A toolkit for Security Researchers

This repo contains logstash of various honeypots

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

Sandia Cyber Omni Tracker (SCOT)

Python3 library and command line for GreyNoise

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

PatrowlHears - Vulnerability Intelligence Center / Exploits

Don't Just Search OSINT. Sweep It.

Real-time HTTP Intrusion Detection

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Phishing catcher using Certstream

Modules for expansion services, import and export in MISP

Signature base for my scanner tools

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Bringing you the best of the worst files on the Internet.

A knowledge base of actionable Incident Response techniques

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

A dashboard for a real-time overview of threat intelligence from MISP instances

Information about my experiences on ethical hacking 💀

MISP trainings, threat intel and information sharing training materials with source code

Imports Alienvault OTX pulses to a MISP instance

All-in-one bundle of MISP, TheHive and Cortex

Malcom - Malware Communications Analyzer

Personal compilation of APT malware from whitepaper releases, documents and own research

Utilities for Sysmon

internet monitoring osint telegram bot for windows

Web app that provides basic navigation and annotation of ATT&CK matrices

The Correlated CVE Vulnerability And Threat Intelligence Database API

Find phishing kits which use your brand/organization's files and image.

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

Utilities for MITRE™ ATT&CK

MITRE ATT&CK Website

Automated Adversary Emulation Platform