305 Open source projects that are alternatives of or similar to sqhunter

Threat research and reporting from IronNet's Threat Research Teams

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

PatrowlHears - Vulnerability Intelligence Center / Exploits

Utilities for Sysmon

Bringing you the best of the worst files on the Internet.

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

recon-ng modules for Censys

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

Extract and aggregate threat intelligence.

🚌 The missing link to connect open-source threat intelligence tools.

Tracking APT IOCs

Python bindings for Yeti's API

Threat Hunting queries for various attacks

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Recon Hunt Queries

Domain name permutation engine written in Go

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

Clusters and elements to attach to MISP events or attributes (like threat actors)

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Microsoft Sentinel SOC Operations

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

The Ultimate OSINT and Threat Hunting Framework

MISP trainings, threat intel and information sharing training materials with source code

A dashboard for a real-time overview of threat intelligence from MISP instances

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Your Everyday Threat Intelligence

Defund the Police.

This repo contains logstash of various honeypots

Malware Sample Sources

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

Real-time HTTP Intrusion Detection

Standard-Format Threat Intelligence Feeds

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Sysmon configuration file template with default high-quality event tracing

Kaspersky's GReAT KLara

All-in-one bundle of MISP, TheHive and Cortex

Signature base for my scanner tools

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings

the fastest way to consume threat intelligence.

A toolkit for Security Researchers

Don't Just Search OSINT. Sweep It.

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe

Personal compilation of APT malware from whitepaper releases, documents and own research

Find phishing kits which use your brand/organization's files and image.

A helper to run OSINT queries & manage results continuously

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Phishing catcher using Certstream

internet monitoring osint telegram bot for windows

Explore Indicators of Compromise Automatically

CIF v3 -- the fastest way to consume threat intelligence

Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).

Capture passwords of login attempts on non-existent and disabled accounts.