205 Open source projects that are alternatives of or similar to Scot

Invoke-LiveResponse

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

This repo contains logstash of various honeypots

Wazuh - Chef cookbooks

A toolkit for Security Researchers

Warning lists to inform users of MISP about potential false-positives or other information in indicators

A curated list of Site Reliability and Production Engineering resources.

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

Digging Deeper....

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

FAME Automates Malware Evaluation

Python script to decode common encoded PowerShell scripts

A list of cyber-chef recipes and curated links

SIAC is an enterprise SIEM built on open-source technology.

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Open source incident management and response platform.

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

A browser extension for OSINT search

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

A curated list of awesome things related to TheHive & Cortex

A curated list of tools for incident response

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Recon Hunt Queries

Monzo's real-time incident response and reporting tool ⚡️

Information about my experiences on ethical hacking 💀

Collection of best practices to add OSINT into MISP and/or MISP communities

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Phishing catcher using Certstream

Wazuh - Ruleset

Authors

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

Imago is a python tool that extract digital evidences from images.

This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.

Digital Forensics Investigation Platform

Bringing you the best of the worst files on the Internet.

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

A dashboard for a real-time overview of threat intelligence from MISP instances

Infosec resource center for offensive and defensive security operations.

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

MISP trainings, threat intel and information sharing training materials with source code

Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.

Yara rules written by me, for free use.

Malware Analysis, Threat Intelligence and Reverse Engineering: LABS

Mapping NSM rules to MITRE ATT&CK

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

PS / Bash / Python / Other scripts For FUN!

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

incident response tool for iOS devices

Maltego CaseFile entities for information security investigations, malware analysis and incident response

Imports Alienvault OTX pulses to a MISP instance

Forensics artefact collection tool for systems running Microsoft Windows