904 Open source projects that are alternatives of or similar to Misp Galaxy

Personal compilation of APT malware from whitepaper releases, documents and own research

Bringing you the best of the worst files on the Internet.

Malware Sample Sources

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Utilities for Sysmon

Explore Indicators of Compromise Automatically

All-in-one bundle of MISP, TheHive and Cortex

🚌 The missing link to connect open-source threat intelligence tools.

Find phishing kits which use your brand/organization's files and image.

A helper to run OSINT queries & manage results continuously

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Kaspersky's GReAT KLara

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Signature base for my scanner tools

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

Tracking APT IOCs

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..

Capture passwords of login attempts on non-existent and disabled accounts.

recon-ng modules for Censys

A simple threat hunting tool based on osquery, Salt Open and Cymon API

The Ultimate OSINT and Threat Hunting Framework

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Malware hashes for open source projects.

Extract and aggregate threat intelligence.

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings

PatrowlHears - Vulnerability Intelligence Center / Exploits

A toolkit for Security Researchers

Real-time HTTP Intrusion Detection

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Don't Just Search OSINT. Sweep It.

🐺 Malware analysis platform

Threat Hunting queries for various attacks

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Malcom - Malware Communications Analyzer

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

ThePhish: an automated phishing email analysis tool

🐺 Malware analysis platform

Microsoft Sentinel SOC Operations

Threat research and reporting from IronNet's Threat Research Teams

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

Minimalistic Multiple Layer Neural Network from Scratch in Python.

Remot3d: is a simple tool created for large pentesters as well as just for the pleasure of defacers to control server by backdoors

Code for my blog post on using S2E for malware analysis

A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)

Kaggle | 1st place solution for Freesound Audio Tagging 2019

🔥TorchSat 🌏 is an open-source deep learning framework for satellite imagery analysis based on PyTorch.

Malware samples for analysis, researchers, anti-virus and system protection testing.(1300+ Malware-samples!)

Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.