223 Open source projects that are alternatives of or similar to Misp Warninglists

Signature base for my scanner tools

Malcom - Malware Communications Analyzer

Defanged Indicator of Compromise (IOC) Extractor.

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

All-in-one bundle of MISP, TheHive and Cortex

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Yara rules written by me, for free use.

Extract and aggregate threat intelligence.

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Windows Events Attack Samples

Python3 library and command line for GreyNoise

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Real-time HTTP Intrusion Detection

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Collaborative forensic timeline analysis

A repository of sysmon configuration modules

Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies

Bringing you the best of the worst files on the Internet.

This repo contains logstash of various honeypots

Domain name permutation engine written in Go

Indicator Extractor

Event Trace Log file parser in pure Python

Smart OSINT collection of common IOC types

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Information about my experiences on ethical hacking 💀

A curated list of awesome forensic analysis tools and resources

🚌 The missing link to connect open-source threat intelligence tools.

Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

PatrowlHears - Vulnerability Intelligence Center / Exploits

PS / Bash / Python / Other scripts For FUN!

VirusTotal Wanna Be - Now with 100% more Hipster

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Phishing catcher using Certstream

internet monitoring osint telegram bot for windows

Authors

A toolkit for Security Researchers

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Explore Indicators of Compromise Automatically

Tools for the Computer Incident Response Team 💻

ioc2rpz is a place where threat intelligence meets DNS.

Imago is a python tool that extract digital evidences from images.

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

Invoke-LiveResponse

Malware Analysis, Threat Intelligence and Reverse Engineering: LABS

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Automagically extract forensic timeline from volatile memory dump

Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.

Your Everyday Threat Intelligence

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Imports Alienvault OTX pulses to a MISP instance

Monitor certificates generated for specific domain strings and associated, store data into sqlite3 database, alert you when sites come online.

Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulation.

Python API Client for TheHive

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

CIRCL system forensic tools or a jumble of tools to support forensic

A port of Kaitai to the Hiew hex editor