MindMaps: #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+67.16%)
Patrowldocs: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-21.64%)
Ioc Explorer: Explore Indicators of Compromise Automatically
Stars: ✭ 73 (-45.52%)
fastfinder: Incident Response - Fast suspicious file finder
Stars: ✭ 116 (-13.43%)
rhq: Recon Hunt Queries
Stars: ✭ 66 (-50.75%)
Patrowlmanager: PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+170.9%)
ir scripts: incident response scripts
Stars: ✭ 17 (-87.31%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+227.61%)
Threathunt: ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-31.34%)
Watcher: Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Stars: ✭ 324 (+141.79%)
Threatpinchlookup: Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (+91.79%)
Oriana: Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (+13.43%)
Beagle: Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+628.36%)
YAFRA: YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-83.58%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+804.48%)
Patrowlengines: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (+20.9%)
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1477.61%)
CCXDigger: The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (-66.42%)
Evilize: Parses Windows event log files based on the SANS Poster
Stars: ✭ 24 (-82.09%)
Sysmon Modular: A repository of sysmon configuration modules
Stars: ✭ 1,229 (+817.16%)
catalyst: Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes
Stars: ✭ 91 (-32.09%)
Malware Feed: Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-48.51%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-90.3%)
Scrummage: The Ultimate OSINT and Threat Hunting Framework
Stars: ✭ 355 (+164.93%)
MemProcFS-Analyzer: MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
Stars: ✭ 89 (-33.58%)
SyntheticSun: SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and serverless technologies to continuously prevent, detect and respond to threats.
Stars: ✭ 49 (-63.43%)
Stalkphish: StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (+91.04%)
Dovehawk: Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Stars: ✭ 97 (-27.61%)
IronNetTR: Threat research and reporting from IronNet's Threat Research Teams
Stars: ✭ 36 (-73.13%)
Kuiper: Digital Forensics Investigation Platform
Stars: ✭ 257 (+91.79%)
Detectionlabelk: DetectionLabELK is a fork of DetectionLab with the ELK stack instead of Splunk.
Stars: ✭ 273 (+103.73%)
Apt Hunter: APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset to detect APT movements hidden in the sea of Windows event logs and decrease the time to uncover suspicious activity
Stars: ✭ 297 (+121.64%)
PSTrace: Trace ScriptBlock execution for PowerShell v2
Stars: ✭ 38 (-71.64%)
pybinaryedge: Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/
Stars: ✭ 16 (-88.06%)
OSINT-Brazuca: Repository created to gather OSINT information, sources (websites/portals) and tricks within the Brazilian context.
Stars: ✭ 508 (+279.1%)
Attackdatamap: A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (+97.01%)
Dnstwist: Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+2231.34%)
Misp Galaxy: Clusters and elements to attach to MISP events or attributes (like threat actors)
Stars: ✭ 276 (+105.97%)
Docker-Templates: Docker configurations for TheHive, Cortex and 3rd party tools
Stars: ✭ 71 (-47.01%)
Scripting: PS / Bash / Python / Other scripts For FUN!
Stars: ✭ 47 (-64.93%)
Yeti: Your Everyday Threat Intelligence
Stars: ✭ 1,037 (+673.88%)
Ir Rescue: A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Stars: ✭ 311 (+132.09%)
Historicprocesstree: An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Stars: ✭ 46 (-65.67%)
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-33.58%)
Thehivedocs: Documentation of TheHive
Stars: ✭ 353 (+163.43%)
Fcl: FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Stars: ✭ 409 (+205.22%)
Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+2500.75%)
Klara: Kaspersky's GReAT KLara
Stars: ✭ 565 (+321.64%)
Teler: Real-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+831.34%)
Malcom: Malcom - Malware Communications Analyzer
Stars: ✭ 988 (+637.31%)
Threathunting: A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+450.75%)
Cortex: Cortex: a Powerful Observable Analysis and Active Response Engine
Stars: ✭ 676 (+404.48%)
Besafe: BeSafe is a robust threat analyzer which helps to protect your desktop environment and know what's happening around you
Stars: ✭ 21 (-84.33%)
Cortex4py: Python API Client for Cortex
Stars: ✭ 22 (-83.58%)