1496 Open source projects that are alternatives of or similar to Meerkat

SIEM Tactics, Techiques, and Procedures

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Real-time HTTP Intrusion Detection

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Open Source SIEM (Security Information and Event Management system).

Very basic CLI SIEM (Security Information and Event Management system).

UAVStack Open Source All in One Repository

Vulnerability Patterns Detector for C# and VB.NET

Pentest: Subdomains enumeration tool for penetration testers.

PatrowlHears - Vulnerability Intelligence Center / Exploits

Splunk code (SPL) useful for serious threat hunters.

白泽自动化运维系统：配置管理、网络探测、资产管理、业务管理、CMDB、CD、DevOps、作业编排、任务编排等功能,未来将添加监控、报警、日志分析、大数据分析等部分内容

TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777

Pushes Sysmon Configs

Open-source framework to detect outliers in Elasticsearch events

Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber

Retrieve useful information from apache/nginx access logs to help troubleshoot traffic related problems

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

** README ** This repo has MOVED to https://github.com/quadrantsec/sagan

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

Collaborative forensic timeline analysis

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

🖖 Fast, modern, easy-to-use network scanner

Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations

Consolidation of various resources related to Microsoft Sysmon & sample data/log

Volatility Explorer Suit

System Management RAM analysis tool

Threat Detection & Anomaly Detection rules for popular open-source components

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Cortex: a Powerful Observable Analysis and Active Response Engine

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Tencent Server Web

Microsoft Sentinel SOC Operations

incident response scripts

Repository with Sample KQL Query examples for Threat Hunting

Console.log with style.

Official QIIME 1 software repository. QIIME 2 (https://qiime2.org) has succeeded QIIME 1 as of January 2018.

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

An easy syntax to format your strings with colored fonts and backgrounds.

Clusters and elements to attach to MISP events or attributes (like threat actors)

🍀 Go basic library. || Go语言基础库

Kubernetes RBAC static Analysis & visualisation tool

Infosec Wordlists

binary toolkit

Fake HTTP log generator module, test if your monitor system can survive under the log spikes.

Main yt repository

Quick development library (AutoMapper, LinQ, IOC Dependency Injection, MemoryCache, Scheduled tasks, Config, Serializers, etc) with crossplatform support for Delphi/Firemonkey (Windows,Linux,OSX/IOS/Android) and freepascal (Windows/Linux).

Nagios status monitor for your desktop.

Progressive Analytics and Visualization

Extract server and IP address information from Browser SSRF

Web Application Security Scanner Framework

vuex 2.0 源码解读

哮天犬是一个通用的统一告警平台，提供配置化、流程化、标准化的能力，支持多种告警通知渠道，支持告警收敛、过滤、升级、工作流、自动恢复等功能，实现统一输入、不同输出。可以对接Grafana、阿里云Arms、实时计算等监控能力，各业务也可以直接在代码中埋点上报告警，也可以定制化开发，实现监控告警全场景覆盖。https://tal-tech.github.io/alarm-dog-docs

A C++ High Performance Net Library

Sysmon configuration file template with default high-quality event tracing

Fusion ICA Toolbox (MATLAB)

文献下载助手(ArticelsHelper) 基线拉平程序(Baseline Alignment) Q-PCR数据处理(Q-PCR Data)

data⎰describe: Pythonic EDA Accelerator for Data Science