177 Open source projects that are alternatives of or similar to Klara

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting

the fastest way to consume threat intelligence.

DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.

Signatures and IoCs from public Volexity blog posts.

🐺 Malware analysis platform

ThePhish: an automated phishing email analysis tool

Consolidation of various resources related to Microsoft Sysmon & sample data/log

Ayashige provides a list of suspicious newly updated domains as a JSON feed

Leverage Sophos Central API

Deploy and maintain Symon through the Splunk Deployment Sever

A curses-style interface for automatic takedown notification based on MISP events.

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..

intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; including but not limited to CTI, MISP Threat Sharing, STIX 2.

Best practices in threat intelligence

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

CyCAT.org API back-end server including crawlers

Standard-Format Threat Intelligence Feeds

Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations

Incident Response - Fast suspicious file finder

D4 core software (server and sample sensor client)

Malware hashes for open source projects.

This repository contains tools used by 401trg.

incident response scripts

A browser extension for OSINT search

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

Yara rules written by me, for free use.

Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

Repository for threat hunting and detection queries, tools, etc.

A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

🐺 Malware analysis platform

Recon Hunt Queries

OpenCTI Python Client

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

Python bindings for Yeti's API

Misc Threat Hunting Resources

🔧 Automatically deploy customizable Active Directory labs in Azure

Repository with Sample KQL Query examples for Threat Hunting

Threat Detection & Anomaly Detection rules for popular open-source components

Open Source EDR for Windows

Searches online paste sites for certain search terms which can indicate a possible data breach.

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

PCAP Samples for Different Post Exploitation Techniques

Lightweight File Integrity Monitoring Tool

This is a project of "#Twiti: Social Listening for Threat Intelligence" (TheWebConf 2021)

Open-source framework to detect outliers in Elasticsearch events

S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator

SIEM Tactics, Techiques, and Procedures

Tools for hunting for threats.

Mapping NSM rules to MITRE ATT&CK

Threat hunting Web Windows AD linux ATT&CK TTPs

CIF v3 -- the fastest way to consume threat intelligence

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.