198 Open source projects that are alternatives of or similar to pybinaryedge

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Domain name permutation engine written in Go

Kaspersky's GReAT KLara

Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.

Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations

OSINT Threat Intel Interface - CLI for HoneyDB

Hashes of infamous malware

Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .

incident response scripts

All the IOC's I have gathered which are used directly involved coronavirus / covid-19 / SARS-CoV-2 cyber attack campaigns

Deploy and maintain Symon through the Splunk Deployment Sever

D4 core software (server and sample sensor client)

Virustotal Data to Timesketch

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..

This repository contains tools used by 401trg.

Leverage Sophos Central API

CyCAT.org API back-end server including crawlers

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

Application for keeping feeds from FireHOL https://github.com/firehol/blocklist-ipsets with IP addresses appearance history. HTTP-based API service is developed for search requests.

Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

Random hunting ordiented yara rules

DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.

OpenCTI connectors

Awesome collection of great and useful resources concerning intelligence writing such as manuals/guides, standards, books, and articles

A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

Repository for threat hunting and detection queries, tools, etc.

Pushes Sysmon Configs

Misc Threat Hunting Resources

🔧 Automatically deploy customizable Active Directory labs in Azure

PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.

Open Source EDR for Windows

OpenCTI Python Client

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

PCAP Samples for Different Post Exploitation Techniques

Intelligent threat hunter and phishing servers

Open-source framework to detect outliers in Elasticsearch events

SIEM Tactics, Techiques, and Procedures

enpoint detection / live analysis & sandbox host / signatures quality test

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

Tools for hunting for threats.

Threat Detection & Anomaly Detection rules for popular open-source components

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

Set of SIGMA rules (>250) mapped to MITRE Att@k tactic and techniques

Searches online paste sites for certain search terms which can indicate a possible data breach.

Splunk code (SPL) useful for serious threat hunters.

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

A curated list of awesome threat detection and hunting resources

This is a project of "#Twiti: Social Listening for Threat Intelligence" (TheWebConf 2021)

Threat Hunting with ELK Workshop (InfoSecWorld 2017)

The FASTEST way to consume threat intel.

A curated list of awesome YARA rules, tools, and people.

S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator

This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.