1496 Open source projects that are alternatives of or similar to Siem

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Real-time HTTP Intrusion Detection

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Very basic CLI SIEM (Security Information and Event Management system).

Open Source SIEM (Security Information and Event Management system).

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

Microsoft Sentinel SOC Operations

incident response scripts

Open-source framework to detect outliers in Elasticsearch events

** README ** This repo has MOVED to https://github.com/quadrantsec/sagan

Pentest: Subdomains enumeration tool for penetration testers.

Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

Retrieve useful information from apache/nginx access logs to help troubleshoot traffic related problems

Tencent Server Web

UAVStack Open Source All in One Repository

Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber

🖖 Fast, modern, easy-to-use network scanner

Volatility Explorer Suit

Pushes Sysmon Configs

System Management RAM analysis tool

Repository with Sample KQL Query examples for Threat Hunting

Threat Detection & Anomaly Detection rules for popular open-source components

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

白泽自动化运维系统：配置管理、网络探测、资产管理、业务管理、CMDB、CD、DevOps、作业编排、任务编排等功能,未来将添加监控、报警、日志分析、大数据分析等部分内容

Cortex: a Powerful Observable Analysis and Active Response Engine

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

PatrowlHears - Vulnerability Intelligence Center / Exploits

TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Splunk code (SPL) useful for serious threat hunters.

Consolidation of various resources related to Microsoft Sysmon & sample data/log

Vulnerability Patterns Detector for C# and VB.NET

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Collaborative forensic timeline analysis

前端性能指标的监控,采集以及上报。用于测量第一个dom生成的时间(FP/FCP/LCP)、用户最早可操作时间（fid|tti）和组件的生命周期性能,，网络状况以及资源大小等等。向监控后台报告实际用户测量值。

Quality Automation Framework for web, mobileweb, mobile native and rest web-service using Selenium, webdrier, TestNG and Java Jersey

🔥 ZXing的精简版，优化扫码和生成二维码/条形码，内置闪光灯等功能。扫描风格支持：微信的线条样式，支付宝的网格样式。几句代码轻松拥有扫码功能 ，ZXingLite让集成更简单。（扫码识别速度快如微信）

A better console.log for the log-driven debugging junkies

Lightweight, feature-rich, accessible front-end library

Awesome list of digital forensic tools

Xinfra Monitor monitors the availability of Kafka clusters by producing synthetic workloads using end-to-end pipelines to obtain derived vital statistics - E2E latency, service produce/consume availability, offsets commit availability & latency, message loss rate and more.

No description or website provided.

Fast and simple music and audio analysis using RNN in Python 🕵️‍♀️ 🥁

Striker is an offensive information and vulnerability scanner.

Full-python LiDAR SLAM using ICP and Scan Context

CIF v3 -- the fastest way to consume threat intelligence

Monitor file system events using Swift

🚌 The missing link to connect open-source threat intelligence tools.

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

目标是提供一个通用的Java核心编程框架,作为搭建其它框架或者项目的基础. 让相关领域的研发人员能够专注高层设计而不用关注底层实现. 涵盖了缓存,存储,编解码,资源,脚本,监控,通讯,事件,事务9个方面.

Complete-Life-Cycle-of-a-Data-Science-Project

A collection of web monitors that notify of restocks or updates on sneaker related sites through Discord Webhook. This includes Shopify, Nike SNKRS (supports 42 countries), Supreme and now Footsite monitor!

Declarative fetch for React

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

SOTA Re-identification Methods and Toolbox

A collection of types & functions definitions useful for Objective-C binaries analysis.

physical memory introspection framework

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.