pybinaryedge
Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/
Stars: ✭ 16 (-98.68%)
yara-exporter
Exporting MISP event attributes to yara rules usable with Thor apt scanner
Stars: ✭ 22 (-98.18%)
Scrummage
The Ultimate OSINT and Threat Hunting Framework
Stars: ✭ 355 (-70.71%)
OSINT-Brazuca
Repository created to gather information, sources (websites/portals) and OSINT tricks within the Brazilian context.
Stars: ✭ 508 (-58.09%)
rhq
Recon Hunt Queries
Stars: ✭ 66 (-94.55%)
Misp Galaxy
Clusters and elements to attach to MISP events or attributes (like threat actors)
Stars: ✭ 276 (-77.23%)
SSHapendoes
Capture passwords of login attempts on non-existent and disabled accounts.
Stars: ✭ 31 (-97.44%)
Attackdatamap
A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (-78.22%)
Detectionlabelk
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
Stars: ✭ 273 (-77.48%)
Freki
🐺 Malware analysis platform
Stars: ✭ 285 (-76.49%)
Dovehawk
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Stars: ✭ 97 (-92%)
Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Stars: ✭ 324 (-73.27%)
Gosint
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
Stars: ✭ 482 (-60.23%)
Phishingkithunter
Find phishing kits which use your brand/organization's files and image.
Stars: ✭ 177 (-85.4%)
Beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (-19.47%)
Threathunting
Tools for hunting for threats.
Stars: ✭ 153 (-87.38%)
Threat Intel
Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).
Stars: ✭ 252 (-79.21%)
Opensquat
Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-87.71%)
Virustotal Tools
Submits multiple domains to VirusTotal API
Stars: ✭ 29 (-97.61%)
Misp Warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
Stars: ✭ 184 (-84.82%)
Threathunter Playbook
A Threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns.
Stars: ✭ 2,879 (+137.54%)
Oriana
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (-87.46%)
ioc-scanner
Search a filesystem for indicators of compromise (IoC).
Stars: ✭ 31 (-97.44%)
Klara
Kaspersky's GReAT KLara
Stars: ✭ 565 (-53.38%)
Ethereumjs Util
Project is in active development and has been moved to the EthereumJS monorepo.
Stars: ✭ 534 (-55.94%)
threat-intel
Signatures and IoCs from public Volexity blog posts.
Stars: ✭ 130 (-89.27%)
moneta
Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
Stars: ✭ 384 (-68.32%)
Yeti
Your Everyday Threat Intelligence
Stars: ✭ 1,037 (-14.44%)
freki
🐺 Malware analysis platform
Stars: ✭ 327 (-73.02%)
Awesome Iocs
A collection of sources of indicators of compromise.
Stars: ✭ 526 (-56.6%)
Threathunting
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (-39.11%)
Malware Feed
Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-94.31%)
Historicprocesstree
An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Stars: ✭ 46 (-96.2%)
Binaryalert
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Stars: ✭ 1,125 (-7.18%)
Otx misp
Imports Alienvault OTX pulses to a MISP instance
Stars: ✭ 45 (-96.29%)
Intrinsics Dude
Open-source Visual Studio extension for compiler intrinsics in C/C++
Stars: ✭ 44 (-96.37%)
Minioc
Single-file minimal C# IoC container
Stars: ✭ 71 (-94.14%)
Singularity
An extremely fast IoC container for high performance applications
Stars: ✭ 63 (-94.8%)
Goscan
A scanning framework in Go, with support for a goroutine pool and automatic adjustment of the number of goroutines.
Stars: ✭ 44 (-96.37%)
Wyhash Rs
wyhash fast portable non-cryptographic hashing algorithm and random number generator in Rust
Stars: ✭ 44 (-96.37%)
Sparsepp
A fast, memory efficient hash map for C++
Stars: ✭ 1,021 (-15.76%)
Naps2
Scan documents to PDF and other file types, as simply as possible.
Stars: ✭ 1,018 (-16.01%)
Yara Endpoint
Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Stars: ✭ 75 (-93.81%)
Mimir
Smart OSINT collection of common IOC types
Stars: ✭ 63 (-94.8%)
Sdwan Harvester
🌐 Automatically enumerate and fingerprint SD-WAN nodes on the internet
Stars: ✭ 42 (-96.53%)
Melody
Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulation.
Stars: ✭ 41 (-96.62%)
Gpgit
A shell script that automates the process of signing Git sources via GPG
Stars: ✭ 62 (-94.88%)
Dnsbrute
DNS Sub-domain brute forcer, in Python + gevent
Stars: ✭ 40 (-96.7%)
Apkid
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Stars: ✭ 999 (-17.57%)
Balbuzard
Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc.). It can also crack malware obfuscation such as XOR, ROL, etc. by bruteforcing and checking for those patterns.
Stars: ✭ 70 (-94.22%)
Pyinsane
Python library to access and use image scanners (Linux/Windows/etc) (Sane/WIA) -- Moved to Gnome's Gitlab
Stars: ✭ 60 (-95.05%)
Reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and find vulnerabilities
Stars: ✭ 974 (-19.64%)
Yarasigs
Various Yara signatures (possibly to be included in a release later).
Stars: ✭ 59 (-95.13%)