854 Open source projects that are alternatives of or similar to MindMaps

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

incident response scripts

All-in-one bundle of MISP, TheHive and Cortex

Invoke-LiveResponse

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

Explore Indicators of Compromise Automatically

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

PS / Bash / Python / Other scripts For FUN!

This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Recon Hunt Queries

Python script to decode common encoded PowerShell scripts

Misc Threat Hunting Resources

Incident Response - Fast suspicious file finder

Extract and aggregate threat intelligence.

Signature base for my scanner tools

Trace ScriptBlock execution for powershell v2

ThePhish: an automated phishing email analysis tool

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Live system forensic collector

Carve file metadata from NTFS index ($I30) attributes

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Microsoft Sentinel SOC Operations

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Capture passwords of login attempts on non-existent and disabled accounts.

Cortex: a Powerful Observable Analysis and Active Response Engine

Python API Client for Cortex

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

A list of cyber-chef recipes and curated links

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Tracking APT IOCs

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Imago is a python tool that extract digital evidences from images.

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

Forensics artefact collection tool for systems running Microsoft Windows

A knowledge base of actionable Incident Response techniques

A curated list of tools for incident response

Python API Client for TheHive

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

Sandia Cyber Omni Tracker (SCOT)

Minimalistic DNS logging tool

Implementation of the famous Image Manipulation\Forgery Detector "ManTraNet" in Pytorch

ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.

A repository for using osquery for incident detection and response

Cortex Analyzers Repository

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

PCAP Samples for Different Post Exploitation Techniques

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.