malware-persistence: Collection of malware persistence and hunting information. Be a persistent persistence hunter!
Stars: ✭ 109 (+251.61%)
Misp Galaxy: Clusters and elements to attach to MISP events or attributes (like threat actors)
Stars: ✭ 276 (+790.32%)
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (+187.1%)
Threatbus: 🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (+348.39%)
Mihari: A helper to run OSINT queries & manage results continuously
Stars: ✭ 239 (+670.97%)
IronNetTR: Threat research and reporting from IronNet's Threat Research Teams
Stars: ✭ 36 (+16.13%)
OSINT-Brazuca: Repository created to gather information, sources (websites/portals) and OSINT tricks within the Brazilian context.
Stars: ✭ 508 (+1538.71%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+3809.68%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+1316.13%)
Sweetie Data: This repo contains logstash of various honeypots
Stars: ✭ 163 (+425.81%)
Dovehawk: Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Stars: ✭ 97 (+212.9%)
Patrowlengines: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (+422.58%)
Mthc: All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (+332.26%)
Scrummage: The Ultimate OSINT and Threat Hunting Framework
Stars: ✭ 355 (+1045.16%)
Dnstwist: Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+9977.42%)
Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+11141.94%)
Besafe: BeSafe is a robust threat analyzer which helps to protect your desktop environment and know what's happening around you
Stars: ✭ 21 (-32.26%)
Malware Feed: Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (+122.58%)
Patrowldocs: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (+238.71%)
Teler: Real-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+3925.81%)
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (+606.45%)
Osweep: Don't Just Search OSINT. Sweep It.
Stars: ✭ 225 (+625.81%)
Ioc Explorer: Explore Indicators of Compromise Automatically
Stars: ✭ 73 (+135.48%)
Fatt: FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
Stars: ✭ 490 (+1480.65%)
Klara: Kaspersky's GReAT KLara
Stars: ✭ 565 (+1722.58%)
mail to misp: Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Stars: ✭ 61 (+96.77%)
Sysmontools: Utilities for Sysmon
Stars: ✭ 903 (+2812.9%)
Phishingkithunter: Find phishing kits which use your brand/organization's files and image.
Stars: ✭ 177 (+470.97%)
Patrowlmanager: PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+1070.97%)
Opensquat: Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (+380.65%)
sqhunter: A simple threat hunting tool based on osquery, Salt Open and Cymon API
Stars: ✭ 64 (+106.45%)
MindMaps: #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+622.58%)
YAFRA: YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-29.03%)
Stalkphish: StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (+725.81%)
pybinaryedge: Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/
Stars: ✭ 16 (-48.39%)
Watcher: Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Stars: ✭ 324 (+945.16%)
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+6719.35%)
Threat Intel: Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).
Stars: ✭ 252 (+712.9%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+112.9%)
gitops-helm-workshop: Progressive Delivery for Kubernetes with Flux, Helm, Linkerd and Flagger
Stars: ✭ 59 (+90.32%)
transparency: Read-only mirror of https://owo.codes/whats-this/transparency
Stars: ✭ 13 (-58.06%)
Honeypots-on-Blockchain: This repo collects almost all the smart contract honeypots that you could find in the first three pages of Google search.
Stars: ✭ 95 (+206.45%)
Ehoney: A safe, fast, highly interactive and enterprise level honeypot management system for network defense; supports multiple protocol honeypots, honeytokens, baits and other functions.
Stars: ✭ 1,051 (+3290.32%)
fakessh: A dockerized fake SSH server honeypot written in Go that logs login attempts.
Stars: ✭ 42 (+35.48%)
CCXDigger: The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (+45.16%)
Trapdoor: Serverless honeytoken 🕵🏻♂️
Stars: ✭ 70 (+125.81%)
kong-plugins-canary: The grayscale plug-in based on gateway Kong, called Canary, meets A/B testing and dynamically switches upstream agents
Stars: ✭ 31 (+0%)
SysmonResources: Consolidation of various resources related to Microsoft Sysmon & sample data/log
Stars: ✭ 64 (+106.45%)
honeycomb: An extensible honeypot framework
Stars: ✭ 93 (+200%)
evtx-hunter: evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (+293.55%)
weblogic honeypot: WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
Stars: ✭ 30 (-3.23%)