Loki: Loki - Simple IOC and Incident Response Scanner
Stars: ✭ 2,217 (+82.92%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (-63.78%)
Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (-75.25%)
Patrowldocs: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-91.34%)
Patrowlengines: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-86.63%)
Patrowlmanager: PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (-70.05%)
Lw Yara: Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
Stars: ✭ 78 (-93.56%)
MindMaps: #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (-81.52%)
YAFRA: YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-98.18%)
Yobi: Yara Based Detection Engine for web browsers
Stars: ✭ 39 (-96.78%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+15.02%)
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-91.09%)
Dnstwist: Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+157.76%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-98.93%)
MalwareHashDB: Malware hashes for open source projects.
Stars: ✭ 31 (-97.44%)
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+74.42%)
Mthc: All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (-88.94%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (-94.55%)
SSHapendoes: Capture passwords of login attempts on non-existent and disabled accounts.
Stars: ✭ 31 (-97.44%)
detection: Detection in the form of Yara, Snort and ClamAV signatures.
Stars: ✭ 70 (-94.22%)
sqhunter: A simple threat hunting tool based on osquery, Salt Open and Cymon API
Stars: ✭ 64 (-94.72%)
yara-validator: Validates yara rules and tries to repair the broken ones.
Stars: ✭ 37 (-96.95%)
ir scripts: incident response scripts
Stars: ✭ 17 (-98.6%)
malware-persistence: Collection of malware persistence and hunting information. Be a persistent persistence hunter!
Stars: ✭ 109 (-91.01%)
Scrummage: The Ultimate OSINT and Threat Hunting Framework
Stars: ✭ 355 (-70.71%)
memory signature: A small wrapper class providing a unified interface to search for various memory signatures
Stars: ✭ 69 (-94.31%)
OSINT-Brazuca: Repository created to gather OSINT information, sources (websites/portals) and tricks within the Brazilian context.
Stars: ✭ 508 (-58.09%)
IronNetTR: Threat research and reporting from IronNet's Threat Research Teams
Stars: ✭ 36 (-97.03%)
pybinaryedge: Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/
Stars: ✭ 16 (-98.68%)
factual-rules-generator: Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Stars: ✭ 62 (-94.88%)
rhq: Recon Hunt Queries
Stars: ✭ 66 (-94.55%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (-73.02%)
threat-intel: Signatures and IoCs from public Volexity blog posts.
Stars: ✭ 130 (-89.27%)
fastfinder: Incident Response - Fast suspicious file finder
Stars: ✭ 116 (-90.43%)
Stalkphish: StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (-78.88%)
Ioc Explorer: Explore Indicators of Compromise Automatically
Stars: ✭ 73 (-93.98%)
Misp Galaxy: Clusters and elements to attach to MISP events or attributes (like threat actors)
Stars: ✭ 276 (-77.23%)
Detectionlabelk: DetectionLabELK is a fork of DetectionLab with the ELK stack instead of Splunk.
Stars: ✭ 273 (-77.48%)
Ioc2rpz: ioc2rpz is a place where threat intelligence meets DNS.
Stars: ✭ 67 (-94.47%)
Attackdatamap: A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (-78.22%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (-76.49%)
Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+187.54%)
Gosint: The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
Stars: ✭ 482 (-60.23%)
Ethereumjs Util: Project is in active development and has been moved to the EthereumJS monorepo.
Stars: ✭ 534 (-55.94%)
Watcher: Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Stars: ✭ 324 (-73.27%)
Awesome Iocs: A collection of sources of indicators of compromise.
Stars: ✭ 526 (-56.6%)
Klara: Kaspersky's GReAT KLara
Stars: ✭ 565 (-53.38%)
Besafe: BeSafe is a robust threat analyzer which helps protect your desktop environment and know what's happening around you
Stars: ✭ 21 (-98.27%)
Virustotal Tools: Submits multiple domains to VirusTotal API
Stars: ✭ 29 (-97.61%)
Beagle: Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (-19.47%)
Threathunting: A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (-39.11%)