200 Open source projects that are alternatives of or similar to IronNetTR

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

Extract and aggregate threat intelligence.

Tracking APT IOCs

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

recon-ng modules for Censys

A simple threat hunting tool based on osquery, Salt Open and Cymon API

Bringing you the best of the worst files on the Internet.

Utilities for Sysmon

PatrowlHears - Vulnerability Intelligence Center / Exploits

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

🚌 The missing link to connect open-source threat intelligence tools.

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.

MISP trainings, threat intel and information sharing training materials with source code

Microsoft Sentinel SOC Operations

Defund the Police.

The Ultimate OSINT and Threat Hunting Framework

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Capture passwords of login attempts on non-existent and disabled accounts.

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Python bindings for Yeti's API

#ThreatHunting #DFIR #Malware #Detection Mind Maps

This repo contains logstash of various honeypots

Domain name permutation engine written in Go

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Kaspersky's GReAT KLara

Malware Sample Sources

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

A dashboard for a real-time overview of threat intelligence from MISP instances

Clusters and elements to attach to MISP events or attributes (like threat actors)

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

Sysmon configuration file template with default high-quality event tracing

internet monitoring osint telegram bot for windows

the fastest way to consume threat intelligence.

Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings

ThePhish: an automated phishing email analysis tool

Real-time HTTP Intrusion Detection

All-in-one bundle of MISP, TheHive and Cortex

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Signature base for my scanner tools

Explore Indicators of Compromise Automatically

A toolkit for Security Researchers

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Don't Just Search OSINT. Sweep It.

Personal compilation of APT malware from whitepaper releases, documents and own research

Find phishing kits which use your brand/organization's files and image.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A helper to run OSINT queries & manage results continuously

Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

Phishing catcher using Certstream

Your Everyday Threat Intelligence

CIF v3 -- the fastest way to consume threat intelligence

Standard-Format Threat Intelligence Feeds