Siem: SIEM Tactics, Techniques, and Procedures
Stars: ✭ 157 (-44.72%)
Mutual labels: analysis, baseline, response, monitor, log, recon, forensics, threat-hunting, scan, siem, threat
WELA: WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
Stars: ✭ 442 (+55.63%)
Teler: Real-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+339.44%)
hayabusa: Hayabusa (隼) is a Sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Stars: ✭ 908 (+219.72%)
LogESP: Open Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (-42.96%)
siemstress: Very basic CLI SIEM (Security Information and Event Management system).
Stars: ✭ 24 (-91.55%)
Uavstack: UAVStack Open Source All-in-One Repository
Stars: ✭ 648 (+128.17%)
Security Code Scan: Vulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (+93.66%)
tugarecon: Pentest: Subdomain enumeration tool for penetration testers.
Stars: ✭ 142 (-50%)
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-68.66%)
Threathunting Spl: Splunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (-58.8%)
Baize: 白泽 (Baize) automated operations system: configuration management, network probing, asset management, business management, CMDB, CD, DevOps, job orchestration, task orchestration and other functions; monitoring, alerting, log analysis and big-data analysis will be added in the future.
Stars: ✭ 296 (+4.23%)
Build Tea: TeaWeb - a visual web proxy service. DEMO: http://teaos.cn:7777
Stars: ✭ 656 (+130.99%)
Ee Outliers: Open-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (-39.44%)
Grassmarlin: Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber
Stars: ✭ 621 (+118.66%)
traffic analyser: Retrieve useful information from Apache/Nginx access logs to help troubleshoot traffic-related problems
Stars: ✭ 44 (-84.51%)
Sentinel Attack: Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+138.03%)
Sagan: ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
Stars: ✭ 236 (-16.9%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (-76.76%)
Timesketch: Collaborative forensic timeline analysis
Stars: ✭ 1,795 (+532.04%)
Attackdatamap: A data source assessment on an event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (-7.04%)
SWELF: Simple Windows Event Log Forwarder (SWELF). An easy-to-use log forwarder and EVTX parser that simply works. Almost in full release at https://github.com/ceramicskate0/SWELF/releases/latest.
Stars: ✭ 23 (-91.9%)
sx: 🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+346.13%)
DomainCAT: Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
Stars: ✭ 34 (-88.03%)
SysmonResources: Consolidation of various resources related to Microsoft Sysmon and sample data/logs
Stars: ✭ 64 (-77.46%)
Vol3xp: Volatility Explorer Suite
Stars: ✭ 31 (-89.08%)
smram parse: System Management RAM analysis tool
Stars: ✭ 50 (-82.39%)
detection-rules: Threat Detection and Anomaly Detection rules for popular open-source components
Stars: ✭ 34 (-88.03%)
MindMaps: #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (-21.13%)
Cortex: A powerful observable analysis and active response engine
Stars: ✭ 676 (+138.03%)
Rita: Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Stars: ✭ 1,352 (+376.06%)
Tsw: Tencent Server Web
Stars: ✭ 1,757 (+518.66%)
ir scripts: Incident response scripts
Stars: ✭ 17 (-94.01%)
Log: Console.log with style.
Stars: ✭ 2,766 (+873.94%)
Qiime: Official QIIME 1 software repository. QIIME 2 (https://qiime2.org) has succeeded QIIME 1 as of January 2018.
Stars: ✭ 272 (-4.23%)
Stalkphish: StalkPhish - The phishing kit stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (-9.86%)
Jcolor: An easy syntax to format your strings with colored fonts and backgrounds.
Stars: ✭ 255 (-10.21%)
Misp Galaxy: Clusters and elements to attach to MISP events or attributes (like threat actors)
Stars: ✭ 276 (-2.82%)
Naza: 🍀 Go basic library.
Stars: ✭ 253 (-10.92%)
Krane: Kubernetes RBAC static analysis and visualisation tool
Stars: ✭ 254 (-10.56%)
Wordlists: Infosec Wordlists
Stars: ✭ 271 (-4.58%)
bt: Binary toolkit
Stars: ✭ 12 (-95.77%)
lunaticlog: Fake HTTP log generator module; test whether your monitoring system can survive log spikes.
Stars: ✭ 35 (-87.68%)
Yt: Main yt repository
Stars: ✭ 279 (-1.76%)
Quicklib: Quick development library (AutoMapper, LINQ, IoC dependency injection, MemoryCache, scheduled tasks, config, serializers, etc.) with cross-platform support for Delphi/FireMonkey (Windows, Linux, OSX/iOS/Android) and FreePascal (Windows/Linux).
Stars: ✭ 274 (-3.52%)
Nagstamon: Nagios status monitor for your desktop.
Stars: ✭ 270 (-4.93%)
progressivis: Progressive Analytics and Visualization
Stars: ✭ 42 (-85.21%)
Priest: Extract server and IP address information from browser SSRF
Stars: ✭ 13 (-95.42%)
Arachni: Web Application Security Scanner Framework
Stars: ✭ 2,942 (+935.92%)
alarm-dog: 哮天犬 (Xiaotian Dog) is a general-purpose unified alerting platform that provides configurable, process-driven and standardized capabilities. It supports multiple alert notification channels and features such as alert convergence, filtering, escalation, workflows and automatic recovery, giving a unified input with differentiated outputs. It can integrate with monitoring capabilities such as Grafana, Alibaba Cloud ARMS and real-time computing; each business can also report alerts directly from instrumentation in its code, or extend it through custom development, to cover all monitoring and alerting scenarios. https://tal-tech.github.io/alarm-dog-docs
Stars: ✭ 165 (-41.9%)
Netserver: A C++ high-performance net library
Stars: ✭ 271 (-4.58%)
Sysmon Config: Sysmon configuration file template with default high-quality event tracing
Stars: ✭ 3,287 (+1057.39%)
fit: Fusion ICA Toolbox (MATLAB)
Stars: ✭ 13 (-95.42%)
Python: Literature download assistant (ArticelsHelper), baseline alignment program (Baseline Alignment), Q-PCR data processing (Q-PCR Data)
Stars: ✭ 28 (-90.14%)
Data Describe: data⎰describe: Pythonic EDA Accelerator for Data Science
Stars: ✭ 269 (-5.28%)