852 Open source projects that are alternatives of or similar to Sysmon Modular

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

An Active Defense and EDR software to empower Blue Teams

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

Recon Hunt Queries

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

Windows Events Attack Samples

Deploy and maintain Symon through the Splunk Deployment Sever

Test Blue Team detections without running any attack.

incident response scripts

Open Source EDR for Windows

Extract and aggregate threat intelligence.

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

Automate the creation of a lab environment complete with security tooling and logging best practices

Your Everyday Threat Intelligence

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

All-in-one bundle of MISP, TheHive and Cortex

Misc Threat Hunting Resources

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

Explore Indicators of Compromise Automatically

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Pushes Sysmon Configs

S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Consolidation of various resources related to Microsoft Sysmon & sample data/log

Incident Response - Fast suspicious file finder

Sysmon configuration file template with default high-quality event tracing

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

PCAP Samples for Different Post Exploitation Techniques

Set of SIGMA rules (>250) mapped to MITRE Att@k tactic and techniques

Endpoint detection & Malware analysis software

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Python script to decode common encoded PowerShell scripts

A Linux Auditd rule set mapped to MITRE's Attack Framework

Tool to predict attacker groups from the techniques and software used

A knowledge base of actionable Incident Response techniques

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Utilities for Sysmon

Signature base for my scanner tools

Context, a modular sequencer for PD

Trigram database written in C++, suited for malware indexing

IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.

🛠️ A modular DOM manipulation library.

Open Repository for the Open Security and Privacy Reference Architecture

All-in-one tool for managing vulnerability reports from AppSec pipelines

An OSINT Metadata analyzing tool that filters through tags and creates reports

Smart OSINT collection of common IOC types

Bringing you the best of the worst files on the Internet.

Open source modular synthesizer

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies

Software tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters

USB testing made easy

Headless CMS based on Ruby on Rails