Sentinel Attack - Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (-45%)
Bluespawn - An Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (-40.03%)
Threathunting - A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (-39.95%)
Threathunter Playbook - A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns.
Stars: ✭ 2,879 (+134.26%)
rhq - Recon Hunt Queries
Stars: ✭ 66 (-94.63%)
Attackdatamap - A data source assessment on an event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (-78.52%)
TA-Sysmon-deploy - Deploy and maintain Sysmon through the Splunk Deployment Server
Stars: ✭ 31 (-97.48%)
Malwless - Test Blue Team detections without running any attack.
Stars: ✭ 215 (-82.51%)
ir scripts - Incident response scripts
Stars: ✭ 17 (-98.62%)
Whids - Open Source EDR for Windows
Stars: ✭ 188 (-84.7%)
Threatingestor - Extract and aggregate threat intelligence.
Stars: ✭ 439 (-64.28%)
Detectionlabelk - DetectionLabELK is a fork of DetectionLab with the ELK stack instead of Splunk.
Stars: ✭ 273 (-77.79%)
Detectionlab - Automate the creation of a lab environment complete with security tooling and logging best practices
Stars: ✭ 3,237 (+163.38%)
Yeti - Your Everyday Threat Intelligence
Stars: ✭ 1,037 (-15.62%)
Patrowldocs - PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-91.46%)
Werdlists - ⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
Stars: ✭ 216 (-82.42%)
Threathunt - ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-92.51%)
Mthc - All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (-89.1%)
Slides - Misc Threat Hunting Resources
Stars: ✭ 203 (-83.48%)
Intelowl - Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+72.01%)
Oriana - Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (-87.63%)
Ioc Explorer - Explore Indicators of Compromise Automatically
Stars: ✭ 73 (-94.06%)
MindMaps - #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (-81.77%)
S2AN - S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
Stars: ✭ 70 (-94.3%)
Threatpinchlookup - Documentation and Sharing Repository for the ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (-79.09%)
SysmonResources - Consolidation of various resources related to Microsoft Sysmon & sample data/logs
Stars: ✭ 64 (-94.79%)
fastfinder - Incident Response - Fast suspicious file finder
Stars: ✭ 116 (-90.56%)
Sysmon Config - Sysmon configuration file template with default high-quality event tracing
Stars: ✭ 3,287 (+167.45%)
Patrowlmanager - PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (-70.46%)
Pcap Attack - PCAP Samples for Different Post Exploitation Techniques
Stars: ✭ 175 (-85.76%)
SIGMA-detection-rules - Set of SIGMA rules (>250) mapped to MITRE Att@k tactics and techniques
Stars: ✭ 97 (-92.11%)
Attack monitor - Endpoint detection & malware analysis software
Stars: ✭ 186 (-84.87%)
Patrowlengines - PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-86.82%)
Opensquat - Detection of phishing domains and domain squatting. Supports permutations such as homograph attacks, typosquatting and bitsquatting.
Stars: ✭ 149 (-87.88%)
Pypowershellxray - Python script to decode common encoded PowerShell scripts
Stars: ✭ 192 (-84.38%)
Auditd Attack - A Linux Auditd rule set mapped to MITRE's ATT&CK Framework
Stars: ✭ 642 (-47.76%)
Atc React - A knowledge base of actionable Incident Response techniques
Stars: ✭ 226 (-81.61%)
Beagle - Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (-20.59%)
Signature Base - Signature base for my scanner tools
Stars: ✭ 1,212 (-1.38%)
Ursadb - Trigram database written in C++, suited for malware indexing
Stars: ✭ 72 (-94.14%)
Fhe Toolkit Linux - IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux-based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.
Stars: ✭ 1,123 (-8.62%)
Domq - 🛠️ A modular DOM manipulation library.
Stars: ✭ 63 (-94.87%)
Purify - All-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-94.14%)
Metaforge - An OSINT metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-94.87%)
Mimir - Smart OSINT collection of common IOC types
Stars: ✭ 63 (-94.87%)
Malware Feed - Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-94.39%)
Audiobench - Open source modular synthesizer
Stars: ✭ 63 (-94.87%)
Resources - A storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platform tips, and tricks curated by us.
Stars: ✭ 62 (-94.96%)
Lw Yara - Yara ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
Stars: ✭ 78 (-93.65%)
Nrf24 Playset - Software tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters
Stars: ✭ 73 (-94.06%)
Binda - Headless CMS based on Ruby on Rails
Stars: ✭ 60 (-95.12%)