Sentinel Attack - Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (-79.43%)
Sigma - Generic Signature Format for SIEM Systems
Stars: ✭ 4,418 (+34.41%)
Ee Outliers - Open-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (-94.77%)
Stalkphish - StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (-92.21%)
Bearded Avenger - CIF v3 -- the fastest way to consume threat intelligence
Stars: ✭ 152 (-95.38%)
Riemann - A network event stream processing system, in Clojure.
Stars: ✭ 4,099 (+24.7%)
Justlog - JustLog brings logging on iOS to the next level. It supports console, file and remote Logstash logging via TCP socket with no effort. Support for logz.io available.
Stars: ✭ 439 (-86.64%)
Threatingestor - Extract and aggregate threat intelligence.
Stars: ✭ 439 (-86.64%)
Yeti - Your Everyday Threat Intelligence
Stars: ✭ 1,037 (-68.45%)
Intelowl - Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (-35.69%)
Sysmon Modular - A repository of sysmon configuration modules
Stars: ✭ 1,229 (-62.61%)
Analog - PHP logging library that is highly extendable and simple to use.
Stars: ✭ 314 (-90.45%)
Longview - Linode Longview Agent
Stars: ✭ 319 (-90.3%)
IronNetTR - Threat research and reporting from IronNet's Threat Research Teams
Stars: ✭ 36 (-98.9%)
Whids - Open Source EDR for Windows
Stars: ✭ 188 (-94.28%)
Volkszaehler.org - Open Source Smart Meter with focus on privacy - you remain the master of your data.
Stars: ✭ 150 (-95.44%)
Sematext Agent Docker - Sematext Docker Agent - host + container metrics, logs & event collector
Stars: ✭ 194 (-94.1%)
Golib - Go Library [DEPRECATED]
Stars: ✭ 194 (-94.1%)
Applicationinsights Home - Application Insights main repository for documentation of overall SDK offerings for all platforms.
Stars: ✭ 221 (-93.28%)
SysmonResources - Consolidation of various resources related to Microsoft Sysmon & sample data/log
Stars: ✭ 64 (-98.05%)
Misp - MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+6.02%)
evtx-hunter - evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (-96.29%)
Malware Feed - Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-97.9%)
Threatbus - 🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (-95.77%)
Patrowlhears - PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-97.29%)
pybinaryedge - Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/
Stars: ✭ 16 (-99.51%)
mail to misp - Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Stars: ✭ 61 (-98.14%)
Windows event logging - Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.
Stars: ✭ 128 (-96.11%)
csirtg-smrt-v1 - the fastest way to consume threat intelligence.
Stars: ✭ 27 (-99.18%)
Threatpinchlookup - Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (-92.18%)
Threathunter Playbook - A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
Stars: ✭ 2,879 (-12.41%)
OSINT-Brazuca - Repository created to gather information, sources (websites/portals) and OSINT tricks within the Brazilian context.
Stars: ✭ 508 (-84.55%)
YAFRA - YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-99.33%)
TA-Sysmon-deploy - Deploy and maintain Sysmon through the Splunk Deployment Server
Stars: ✭ 31 (-99.06%)
ir scripts - incident response scripts
Stars: ✭ 17 (-99.48%)
Xsrv - [mirror] Install and manage self-hosted services/applications, on your own server(s) - ansible collection and utilities
Stars: ✭ 89 (-97.29%)
Tail - [Revamped] Go package for reading from continuously updated files (tail -f)
Stars: ✭ 81 (-97.54%)
Exceptionless - Exceptionless server and jobs
Stars: ✭ 2,107 (-35.9%)
Logsuck - Easy log aggregation, indexing and searching
Stars: ✭ 154 (-95.31%)
pyeti - Python bindings for Yeti's API
Stars: ✭ 15 (-99.54%)
Logbook - An extensible Java library for HTTP request and response logging
Stars: ✭ 822 (-74.99%)
sqhunter - A simple threat hunting tool based on osquery, Salt Open and Cymon API
Stars: ✭ 64 (-98.05%)
Threat-Intel-Slack-Bot - Interactive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack
Stars: ✭ 26 (-99.21%)
Gohalt - Gohalt 👮♀🛑: Fast; Simple; Powerful; Go Throttler library
Stars: ✭ 253 (-92.3%)
iocingestor - An extendable tool to extract and aggregate IoCs from threat feeds
Stars: ✭ 25 (-99.24%)
Perfmon Agent - Server metrics fetching agent, based on SIGAR
Stars: ✭ 264 (-91.97%)
rhq - Recon Hunt Queries
Stars: ✭ 66 (-97.99%)