Siac: SIAC is an enterprise SIEM built on open-source technology.
Stars: ✭ 100 (-45.36%)
Osquery Configuration: A repository for using osquery for incident detection and response
Stars: ✭ 618 (+237.7%)
rhq: Recon Hunt Queries
Stars: ✭ 66 (-63.93%)
Cortex4py: Python API Client for Cortex
Stars: ✭ 22 (-87.98%)
Beagle: Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+433.33%)
Wazuh Chef: Wazuh - Chef cookbooks
Stars: ✭ 9 (-95.08%)
Thehive4py: Python API Client for TheHive
Stars: ✭ 143 (-21.86%)
Response: Monzo's real-time incident response and reporting tool ⚡️
Stars: ✭ 1,252 (+584.15%)
Cyberchef Recipes: A list of CyberChef recipes and curated links
Stars: ✭ 619 (+238.25%)
Zentral: Zentral is an open-source solution for infrastructure monitoring and endpoint event stream processing. It provides built-in orchestration of macOS security components (Santa, Osquery, et al.), event correlation and event management. It consolidates its features with various data store backends (ElasticStack, Azure Log Analytics, Splunk, et al.).
Stars: ✭ 522 (+185.25%)
Ios Triage: Incident response tool for iOS devices
Stars: ✭ 42 (-77.05%)
Information Security Tasks: This repository is created for infosec professionals who work day to day to keep their skillset up to date. Contributors can spend one hour daily on day-to-day tasks and problem statements. Please contribute by providing problem statements and solutions.
Stars: ✭ 108 (-40.98%)
Sleuthkit: The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be used directly to find evidence.
Stars: ✭ 1,948 (+964.48%)
Bashfuscator: A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Stars: ✭ 690 (+277.05%)
Exposq: Go app that dispatches osquery to multiple machines
Stars: ✭ 89 (-51.37%)
Fame: FAME Automates Malware Evaluation
Stars: ✭ 663 (+262.3%)
Misp Taxonomies: Taxonomies used in the MISP taxonomy system, which can also be used by other information sharing tools.
Stars: ✭ 168 (-8.2%)
Cyphon: Open source incident management and response platform.
Stars: ✭ 543 (+196.72%)
Yara Endpoint: Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Stars: ✭ 75 (-59.02%)
Edr Testing Script: Test the accuracy of Endpoint Detection and Response (EDR) software with a simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (-25.68%)
Ioc Explorer: Explore Indicators of Compromise Automatically
Stars: ✭ 73 (-60.11%)
Patrowlmanager: PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+98.36%)
Launcher: Osquery launcher, autoupdater, and packager
Stars: ✭ 346 (+89.07%)
Historicprocesstree: An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Stars: ✭ 46 (-74.86%)
Analyst Casefile: Maltego CaseFile entities for information security investigations, malware analysis and incident response
Stars: ✭ 41 (-77.6%)
Oriana: Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (-16.94%)
Osquery Cookbook: A Chef Cookbook to install and configure osquery.
Stars: ✭ 11 (-93.99%)
Patrowldocs: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-42.62%)
Aurora Incident Response: Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Stars: ✭ 171 (-6.56%)
Watcher: Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Stars: ✭ 324 (+77.05%)
Awesome Sre: A curated list of Site Reliability and Production Engineering resources.
Stars: ✭ 7,687 (+4100.55%)
Threathunt: ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-49.73%)
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1055.19%)
Cortex: Cortex: a Powerful Observable Analysis and Active Response Engine
Stars: ✭ 676 (+269.4%)
Awesome: A curated list of awesome things related to TheHive & Cortex
Stars: ✭ 88 (-51.91%)
Weffles: Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
Stars: ✭ 176 (-3.83%)
Intelmq: IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Stars: ✭ 611 (+233.88%)
Opcde: OPCDE Cybersecurity Conference Materials
Stars: ✭ 538 (+193.99%)
Osq Ext Bin: Extension to osquery for Windows that enhances it with real-time telemetry, log monitoring and other endpoint data collection
Stars: ✭ 142 (-22.4%)
Howtheysre: A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
Stars: ✭ 6,962 (+3704.37%)
Goquery: Provide a shell-like interface by utilizing osquery's distributed API
Stars: ✭ 74 (-59.56%)
Fcl: FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Stars: ✭ 409 (+123.5%)
Thehive: TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Stars: ✭ 2,300 (+1156.83%)
Thehivedocs: Documentation of TheHive
Stars: ✭ 353 (+92.9%)
Osql Experimental: A community-oriented fork of osquery with support for cmake, public CI testing, and regular releases
Stars: ✭ 62 (-66.12%)
Urlextractor: Information gathering & website reconnaissance | https://phishstats.info/
Stars: ✭ 341 (+86.34%)
Mthc: All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (-26.78%)
Hubble: Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe
Stars: ✭ 313 (+71.04%)
Fleet: A flexible control server for osquery fleets
Stars: ✭ 1,068 (+483.61%)
Imago Forensics: Imago is a Python tool that extracts digital evidence from images.
Stars: ✭ 175 (-4.37%)
Patrowlengines: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-11.48%)
Xxh: 🚀 Bring your favorite shell wherever you go through ssh.
Stars: ✭ 2,559 (+1298.36%)