1746 Open source projects that are alternatives of or similar to ThePhish

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

No description or website provided.

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Information gathering & website reconnaissance | https://phishstats.info/

Explore Indicators of Compromise Automatically

A multi-layered and multi-tiered Machine Learning security solution, it supports always on detection system, Django REST framework used, equipped with a web-browser extension that uses a REST API call.

A curated list of amazingly awesome Cybersecurity datasets

Python API Client for TheHive

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

Documentation of TheHive

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Cortex: a Powerful Observable Analysis and Active Response Engine

Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.

Cortex Analyzers Repository

Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malwares.

Bringing you the best of the worst files on the Internet.

Malware Sample Sources

OpenCTI connectors

CyCAT.org API back-end server including crawlers

This project is a SIEM with SIRP and Threat Intel, all in one.

Collecting IOCs posted on Twitter

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Who and what to follow in the world of cyber security

Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

Cyber-investigation Analysis Standard Expression (CASE) Ontology

Digital Forensics Investigation Platform

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes

OPCDE Cybersecurity Conference Materials

A curated list of tools for incident response

Hashes of infamous malware

FAME Automates Malware Evaluation

Digging Deeper....

A list of cyber-chef recipes and curated links

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A concise, directive, specific, flexible, and free incident response plan template

All-in-one bundle of MISP, TheHive and Cortex

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Sandia Cyber Omni Tracker (SCOT)

Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .

Generate YARA rules for OOXML documents.

A repository for using osquery for incident detection and response

PS / Bash / Python / Other scripts For FUN!

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Graphical Web interface developed to facilitate the use of security information tools.

STIX data representing MITRE ATT&CK

APT || Execution || Launch || APTs || ( Authors harr0ey, bohops )

Collection of several DDos tools.

🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)

Generate unicode evil domains for IDN Homograph Attack and detect them.