Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+1055.26%)
Vendor-Threat-Triage-Lookup: Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.
Stars: ✭ 17 (-55.26%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+3568.42%)
YAFRA: YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-42.11%)
yara: Malice Yara Plugin
Stars: ✭ 27 (-28.95%)
Yara Rules: A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Stars: ✭ 206 (+442.11%)
Detectionlabelk: DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
Stars: ✭ 273 (+618.42%)
Helk: The Hunting ELK
Stars: ✭ 3,097 (+8050%)
Yeti: Your Everyday Threat Intelligence
Stars: ✭ 1,037 (+2628.95%)
Threathunting: Tools for hunting for threats.
Stars: ✭ 153 (+302.63%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+760.53%)
Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+9071.05%)
binlex: A Binary Genetic Traits Lexer Framework
Stars: ✭ 303 (+697.37%)
Owlyshield: Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Stars: ✭ 281 (+639.47%)
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Stars: ✭ 999 (+2528.95%)
ELK-Hunting: Threat Hunting with ELK Workshop (InfoSecWorld 2017)
Stars: ✭ 58 (+52.63%)
ThreatKB: Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (+78.95%)
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (+476.32%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+73.68%)
pyeti: Python bindings for Yeti's API
Stars: ✭ 15 (-60.53%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+3089.47%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (+650%)
Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (+689.47%)
Stoq: An open source framework for enterprise level automated analysis.
Stars: ✭ 352 (+826.32%)
See: Sandboxed Execution Environment
Stars: ✭ 770 (+1926.32%)
Malware Feed: Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (+81.58%)
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract common signatures, and generate Yara patterns for malware detection.
Stars: ✭ 23 (-39.47%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+1200%)
Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+1992.11%)
Holmes Totem: Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.
Stars: ✭ 25 (-34.21%)
Xcp: Entry point for issues and wiki. Also contains some scripts and sources.
Stars: ✭ 752 (+1878.95%)
Threathunting: A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+1842.11%)
Operation Wocao: Operation Wocao - Indicators of Compromise
Stars: ✭ 29 (-23.68%)
Apullo: A scanner for taking basic fingerprints
Stars: ✭ 22 (-42.11%)
Bluespawn: An Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (+1839.47%)
Awesome Neuroscience: A curated list of awesome neuroscience libraries, software and any content related to the domain.
Stars: ✭ 734 (+1831.58%)
Sysmontools: Utilities for Sysmon
Stars: ✭ 903 (+2276.32%)
Ghidra scripts: Scripts for the Ghidra software reverse engineering suite.
Stars: ✭ 732 (+1826.32%)
Manalyze: A static analyzer for PE executables.
Stars: ✭ 701 (+1744.74%)
Binjadock: An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.
Stars: ✭ 34 (-10.53%)
Besafe: BeSafe is a robust threat analyzer which helps to protect your desktop environment and lets you know what's happening around you
Stars: ✭ 21 (-44.74%)
Malboxes: Builds malware analysis Windows VMs so that you don't have to.
Stars: ✭ 900 (+2268.42%)
Elk: Build an ELK log analysis platform.
Stars: ✭ 688 (+1710.53%)
Crc: Red Hat CodeReady Containers is a tool that manages a local OpenShift 4.x cluster optimized for testing and development purposes
Stars: ✭ 676 (+1678.95%)
Sentinel Attack: Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+1678.95%)
Nemu: Modern Hypervisor for the Cloud
Stars: ✭ 887 (+2234.21%)
Sheepdog: Distributed Storage System for QEMU
Stars: ✭ 896 (+2257.89%)
Ksm: A fast, hackable and simple x64 VT-x hypervisor for Windows and Linux. Builtin userspace sandbox and introspection engine.
Stars: ✭ 673 (+1671.05%)
Fame: FAME Automates Malware Evaluation
Stars: ✭ 663 (+1644.74%)
Animus: The educational Animus malware
Stars: ✭ 17 (-55.26%)
Auditd Attack: A Linux Auditd rule set mapped to MITRE's Attack Framework
Stars: ✭ 642 (+1589.47%)
Addon Lxdone: Allows OpenNebula to manage Linux Containers via LXD
Stars: ✭ 36 (-5.26%)
Siem From Scratch: SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab
Stars: ✭ 31 (-18.42%)
Iocs: IoCs, PCREs, YARA rules, etc.
Stars: ✭ 15 (-60.53%)