131 Open source projects that are alternatives of or similar to TheHiveHooks
Thehive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Stars: ✭ 2,300 (+10354.55%)
Docker-Templates
Docker configurations for TheHive, Cortex and 3rd party tools
Stars: ✭ 71 (+222.73%)
Historicprocesstree
An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Stars: ✭ 46 (+109.09%)
Awesome Forensics
A curated list of awesome forensic analysis tools and resources
Stars: ✭ 1,775 (+7968.18%)
Logontracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
Stars: ✭ 1,914 (+8600%)
My Arsenal Of Aws Security Tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Stars: ✭ 6,464 (+29281.82%)
Lolbas
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 1,506 (+6745.45%)
Lw Yara
Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
Stars: ✭ 78 (+254.55%)
Imago Forensics
Imago is a python tool that extract digital evidences from images.
Stars: ✭ 175 (+695.45%)
Beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+4336.36%)
Oriana
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
Stars: ✭ 152 (+590.91%)
Threathunting
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+3254.55%)
Diffy
Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
Stars: ✭ 555 (+2422.73%)
Pockint
A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Stars: ✭ 196 (+790.91%)
Threathunt
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (+318.18%)
CCXDigger
The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (+104.55%)
Misp Warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
Stars: ✭ 184 (+736.36%)
Threathunter Playbook
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
Stars: ✭ 2,879 (+12986.36%)
Autotimeliner
Automagically extract forensic timeline from volatile memory dump
Stars: ✭ 54 (+145.45%)
Zombieant
Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
Stars: ✭ 169 (+668.18%)
Forensic Tools
CIRCL system forensic tools or a jumble of tools to support forensic
Stars: ✭ 27 (+22.73%)
Userline
Query and report user logons relations from MS Windows Security Events
Stars: ✭ 221 (+904.55%)
Memlabs
Educational, CTF-styled labs for individuals interested in Memory Forensics
Stars: ✭ 696 (+3063.64%)
Detectionlab
Automate the creation of a lab environment complete with security tooling and logging best practices
Stars: ✭ 3,237 (+14613.64%)
pyarascanner
A simple many-rules to many-files YARA scanner for incident response or malware zoos.
Stars: ✭ 23 (+4.55%)
EventTranscript.db-Research
A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
Stars: ✭ 33 (+50%)
1-60 of 131 similar projects