MindMaps
#ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+8.74%)

YAFRA
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-89.32%)

Patrowldocs
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-49.03%)

ThePhish
ThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (+228.16%)

Patrowlengines
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-21.36%)

CCXDigger
The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (-78.16%)

Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Stars: ✭ 324 (+57.28%)

Intelowl
Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+926.21%)

Ioc Explorer
Explore Indicators of Compromise Automatically
Stars: ✭ 73 (-64.56%)

Mthc
All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (-34.95%)

SyntheticSun
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and serverless technologies to continuously prevent, detect and respond to threats.
Stars: ✭ 49 (-76.21%)

Patrowlmanager
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+76.21%)

Misp Maltego
Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
Stars: ✭ 112 (-45.63%)

Certstreammonitor
Monitor certificates generated for specific domain strings and associated ones, store data in an sqlite3 database, and alert you when sites come online.
Stars: ✭ 111 (-46.12%)

Information Security Tasks
This repository is created only for infosec professionals who work on a day-to-day basis, to equip ourselves with an up-to-date skillset. We can each contribute one hour daily for day-to-day tasks and work on problem statements daily. Please contribute by providing problem statements and solutions.
Stars: ✭ 108 (-47.57%)

Osctrl
Fast and efficient osquery management
Stars: ✭ 183 (-11.17%)

Opensquat
Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-27.67%)

Pygreynoise
Python3 library and command line for GreyNoise
Stars: ✭ 100 (-51.46%)

Dovehawk
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Stars: ✭ 97 (-52.91%)

Dnsmorph
Domain name permutation engine written in Go
Stars: ✭ 148 (-28.16%)

Patrowlhears
PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-56.8%)

Teler
Real-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+505.83%)

Litmus test
Detecting ATT&CK techniques & tactics for Linux
Stars: ✭ 190 (-7.77%)

Phishingkithunter
Find phishing kits which use your brand/organization's files and images.
Stars: ✭ 177 (-14.08%)

Response
Monzo's real-time incident response and reporting tool ⚡️
Stars: ✭ 1,252 (+507.77%)

Sweetie Data
This repo contains logstash data of various honeypots
Stars: ✭ 163 (-20.87%)

Misp Warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
Stars: ✭ 184 (-10.68%)

Analyzer
🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-47.57%)

Oriana
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (-26.21%)

Pypowershellxray
Python script to decode common encoded PowerShell scripts
Stars: ✭ 192 (-6.8%)

Siac
SIAC is an enterprise SIEM built on open-source technology.
Stars: ✭ 100 (-51.46%)

Docker Misp
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Stars: ✭ 148 (-28.16%)

Threathunt
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-55.34%)

Weffles
Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
Stars: ✭ 176 (-14.56%)

Awesome
A curated list of awesome things related to TheHive & Cortex
Stars: ✭ 88 (-57.28%)

Sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Stars: ✭ 1,948 (+845.63%)

Misp Modules
Modules for expansion services, import and export in MISP
Stars: ✭ 198 (-3.88%)

Signature Base
Signature base for my scanner tools
Stars: ✭ 1,212 (+488.35%)

Opencti
Authors
Stars: ✭ 2,165 (+950.97%)

Imago Forensics
Imago is a python tool that extracts digital evidence from images.
Stars: ✭ 175 (-15.05%)

Thehive4py
Python API Client for TheHive
Stars: ✭ 143 (-30.58%)

Yara Endpoint
Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Stars: ✭ 75 (-63.59%)

Malware Feed
Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-66.5%)

Misp Dashboard
A dashboard for a real-time overview of threat intelligence from MISP instances
Stars: ✭ 142 (-31.07%)

Ioc2rpz
ioc2rpz is a place where threat intelligence meets DNS.
Stars: ✭ 67 (-67.48%)

Vulnerability Data Archive
With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (-69.42%)

Misp Training
MISP trainings, threat intel and information sharing training materials with source code
Stars: ✭ 185 (-10.19%)

Aurora Incident Response
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Stars: ✭ 171 (-16.99%)

Threatbus
🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (-32.52%)

Matire
Malware Analysis, Threat Intelligence and Reverse Engineering: LABS
Stars: ✭ 55 (-73.3%)

Edr Testing Script
Test the accuracy of Endpoint Detection and Response (EDR) software with a simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (-33.98%)

Whitehat
Information about my experiences in ethical hacking 💀
Stars: ✭ 54 (-73.79%)

Misp Taxonomies
Taxonomies used in the MISP taxonomy system, which can also be used by other information sharing tools.
Stars: ✭ 168 (-18.45%)

Scripting
PS / Bash / Python / Other scripts For FUN!
Stars: ✭ 47 (-77.18%)