1213 Open source projects that are alternatives of or similar to Sysmontools

Sysmon configuration file template with default high-quality event tracing

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

Threat research and reporting from IronNet's Threat Research Teams

recon-ng modules for Censys

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

A simple threat hunting tool based on osquery, Salt Open and Cymon API

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

PatrowlHears - Vulnerability Intelligence Center / Exploits

Tracking APT IOCs

Generic Signature Format for SIEM Systems

Bringing you the best of the worst files on the Internet.

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

🚌 The missing link to connect open-source threat intelligence tools.

Extract and aggregate threat intelligence.

Application Insights main repository for documentation of overall SDK offerings for all platforms.

Microsoft Application Insights SDK for Node.js

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

The Correlated CVE Vulnerability And Threat Intelligence Database API

Standard-Format Threat Intelligence Feeds

the fastest way to consume threat intelligence.

Malware Sample Sources

An extensible Java library for HTTP request and response logging

Go Library [DEPRECATED]

Sematext Docker Agent - host + container metrics, logs & event collector

Exceptionless server and jobs

Defund the Police.

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Consolidation of various resources related to Microsoft Sysmon & sample data/log

Deploy and maintain Symon through the Splunk Deployment Sever

Easy log aggregation, indexing and searching

Python bindings for Yeti's API

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Microsoft Sentinel SOC Operations

Capture passwords of login attempts on non-existent and disabled accounts.

The Ultimate OSINT and Threat Hunting Framework

Open Source Smart Meter with focus on privacy - you remain the master of your data.

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

Pushes Sysmon Configs

Threat Hunting queries for various attacks

Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.

CLI tool for open source and threat intelligence

Best practices in threat intelligence

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Clusters and elements to attach to MISP events or attributes (like threat actors)

Defanged Indicator of Compromise (IOC) Extractor.

PHP logging library that is highly extendable and simple to use.

Linode Longview Agent

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

ApplicationInsights-dotnet

A network event stream processing system, in Clojure.

This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.

Show some ❤️ to Node.js process errors

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Microsoft Application Insights SDK for Go

Application Insights SDK for Python