Sysmon Config: Sysmon configuration file template with default high-quality event tracing
Stars: ✭ 3,287 (+264.01%)
mail to misp: Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Stars: ✭ 61 (-93.24%)
IronNetTR: Threat research and reporting from IronNet's Threat Research Teams
Stars: ✭ 36 (-96.01%)
pybinaryedge: Python 3 wrapper for the BinaryEdge API https://www.binaryedge.io/
Stars: ✭ 16 (-98.23%)
YAFRA: YAFRA is a semi-automated framework for analyzing and representing reports about IT security incidents.
Stars: ✭ 22 (-97.56%)
sqhunter: A simple threat hunting tool based on osquery, Salt Open and the Cymon API
Stars: ✭ 64 (-92.91%)
Intelowl: Intel Owl: analyze files, domains and IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+134.11%)
Sentinel Attack: Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (-25.14%)
Stalkphish: StalkPhish - The phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (-71.65%)
Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+285.94%)
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-90.14%)
Sigma: Generic Signature Format for SIEM Systems
Stars: ✭ 4,418 (+389.26%)
Malware Feed: Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-92.36%)
OSINT-Brazuca: Repository created to gather OSINT information, sources (websites/portals) and tricks within the Brazilian context.
Stars: ✭ 508 (-43.74%)
Threatbus: 🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (-84.61%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (-51.38%)
Applicationinsights Home: Application Insights main repository for documentation of overall SDK offerings for all platforms.
Stars: ✭ 221 (-75.53%)
evtx-hunter: evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (-86.49%)
Vfeed: The Correlated CVE Vulnerability and Threat Intelligence Database API
Stars: ✭ 826 (-8.53%)
csirtg-smrt-v1: The fastest way to consume threat intelligence.
Stars: ✭ 27 (-97.01%)
Logbook: An extensible Java library for HTTP request and response logging
Stars: ✭ 822 (-8.97%)
Golib: Go Library [DEPRECATED]
Stars: ✭ 194 (-78.52%)
Sematext Agent Docker: Sematext Docker Agent - host + container metrics, logs & event collector
Stars: ✭ 194 (-78.52%)
Exceptionless: Exceptionless server and jobs
Stars: ✭ 2,107 (+133.33%)
MindMaps: #ThreatHunting #DFIR #Malware #Detection mind maps
Stars: ✭ 224 (-75.19%)
SysmonResources: Consolidation of various resources related to Microsoft Sysmon & sample data/logs
Stars: ✭ 64 (-92.91%)
TA-Sysmon-deploy: Deploy and maintain Sysmon through the Splunk Deployment Server
Stars: ✭ 31 (-96.57%)
Logsuck: Easy log aggregation, indexing and searching
Stars: ✭ 154 (-82.95%)
pyeti: Python bindings for Yeti's API
Stars: ✭ 15 (-98.34%)
MurMurHash: This little tool calculates the MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-91.25%)
SSHapendoes: Capture passwords of login attempts on non-existent and disabled accounts.
Stars: ✭ 31 (-96.57%)
Scrummage: The Ultimate OSINT and Threat Hunting Framework
Stars: ✭ 355 (-60.69%)
Volkszaehler.org: Open Source Smart Meter with a focus on privacy - you remain the master of your data.
Stars: ✭ 150 (-83.39%)
malware-persistence: Collection of malware persistence and hunting information. Be a persistent persistence hunter!
Stars: ✭ 109 (-87.93%)
rstthreats: Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat intelligence, threat feed, open source feed.
Stars: ✭ 17 (-98.12%)
Harpoon: CLI tool for open source and threat intelligence
Stars: ✭ 679 (-24.81%)
Threatpinchlookup: Documentation and sharing repository for the ThreatPinch Lookup Chrome & Firefox extension
Stars: ✭ 257 (-71.54%)
Dnstwist: Domain name permutation engine for detecting homograph phishing attacks, typosquatting, and brand impersonation
Stars: ✭ 3,124 (+245.96%)
Misp Galaxy: Clusters and elements to attach to MISP events or attributes (like threat actors)
Stars: ✭ 276 (-69.44%)
Python Iocextract: Defanged Indicator of Compromise (IOC) extractor.
Stars: ✭ 300 (-66.78%)
Analog: PHP logging library that is highly extendable and simple to use.
Stars: ✭ 314 (-65.23%)
Longview: Linode Longview Agent
Stars: ✭ 319 (-64.67%)
Patrowlmanager: PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (-59.8%)
Riemann: A network event stream processing system, in Clojure.
Stars: ✭ 4,099 (+353.93%)
Spiderfoot: SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+662.13%)