275 Open source projects that are alternatives of or similar to SSHapendoes

Malware Sample Sources

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

Clusters and elements to attach to MISP events or attributes (like threat actors)

PatrowlHears - Vulnerability Intelligence Center / Exploits

🚌 The missing link to connect open-source threat intelligence tools.

A helper to run OSINT queries & manage results continuously

Threat research and reporting from IronNet's Threat Research Teams

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

Signature base for my scanner tools

A toolkit for Security Researchers

Extract and aggregate threat intelligence.

This repo contains logstash of various honeypots

Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

All-in-one bundle of MISP, TheHive and Cortex

The Ultimate OSINT and Threat Hunting Framework

Threat Hunting queries for various attacks

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

Bringing you the best of the worst files on the Internet.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Real-time HTTP Intrusion Detection

Personal compilation of APT malware from whitepaper releases, documents and own research

Don't Just Search OSINT. Sweep It.

Explore Indicators of Compromise Automatically

FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic

Kaspersky's GReAT KLara

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

Utilities for Sysmon

Find phishing kits which use your brand/organization's files and image.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

recon-ng modules for Censys

A simple threat hunting tool based on osquery, Salt Open and Cymon API

#ThreatHunting #DFIR #Malware #Detection Mind Maps

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Microsoft Sentinel SOC Operations

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).

Tracking APT IOCs

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

Distributed Honeypot

Standard-Format Threat Intelligence Feeds

Progressive Delivery for Kubernetes with Flux, Helm, Linkerd and Flagger

Read-only mirror of https://owo.codes/whats-this/transparency

This repo collects almost all the smart contract honeypots that you could find in the first three pages of Google search.

安全、快捷、高交互、企业级的蜜罐管理系统，护网；支持多种协议蜜罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports multiple protocol honeypots, honeytokens, baits and other functions.

A dockerized fake SSH server honeypot written in Go that logs login attempts.

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

Serverless honeytoken 🕵🏻‍♂️

The grayscale plug-in based on gateway Kong, called Canary, meets A/B testing and dynamically switches upstream agents

Consolidation of various resources related to Microsoft Sysmon & sample data/log

An extensible honeypot framework

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

Kubernetes deployment strategies explained