875 Open source projects that are alternatives of or similar to Threat Hunting

笔记、Laravel、PHP、面试题、MySQL、HTML、CSS、Java...

A set of scripts to detect updates of Microsoft (TM) Windows (TM) OS which harm users' privacy and uninstall them

A Python-powered exploitation framework and botnet.

ACPI Hotpatches and Guides for the OpenCore Bootmanager. Enhance and fine-tune your system by adding devices and enabling additional features not covered in the OpenCore Install Guide.

Cuckoo Sandbox plugin for extracts configuration data of known malware

Symfony bundle for render entity collections as a selectable expanded list.

🔄 Ransomware recovery app for Nextcloud

Python-based spyware for Windows that logs the foreground window activites, keyboard inputs. Furthermore it is able to take screenshots and and run shell commands in the background.

✨ A curated list of awesome learning collections on various topics.

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

a simple hidden silent XMR miner.

Endpoint detection & Malware analysis software

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

Code repository for the paper "Adversarial Deep Learning for Robust Detection of Binary Encoded Malware"

A collection of Vue.js demos

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

Home of the B00merang Redmond Collection themes for Linux

Scans PHP files for malwares and known threats

InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.

Fuzzy Hash calculated from import API of PE files

Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc

第三届阿里云安全算法挑战赛

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

ld_preload userland rootkit

A framework for constructing self-spreading binaries

Searches online paste sites for certain search terms which can indicate a possible data breach.

A collection of (mostly) technical things every software developer should know about

An Active Defense and EDR software to empower Blue Teams

Collection Data for Cooper Hewitt, Smithsonian Design Museum

Python AV Evasion Tools

Improve your security and privacy by blocking ads, tracking and malware domains.

Simple Ransomware Tool in Pure Java

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…

A VBA parser and emulation engine to analyze malicious macros.

Sysmon configuration file template with default high-quality event tracing

Collection extension for Yii 2

Crypter - Python3 based builder and ransomware compiled to Windows executable using PyInstaller

MultiAV scanner with Python and JSON REST API using Malice Docker AV Containers and Docker-Machine based Autoscaling

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

This is a project of "#Twiti: Social Listening for Threat Intelligence" (TheWebConf 2021)

An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.

PHP underscore inspired &/or cloned from _.js, with extra goodies like higher order messaging

Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.

Basic Multiplatform Remote Administration Tool - Xamarin

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

InfectPE - Inject custom code into PE file [This project is not maintained anymore]

Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.

Quickly and easily install, uninstall, and set up automatic updates for any of Steven Black's unified hosts files.

Just a normal flask web app to understand win32api with code snippets and references.

makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]

Threat hunting Web Windows AD linux ATT&CK TTPs

最好用的轻量级轮播图+卡片样式+自定义样式,链式编程语法(可实现各种样式的轮播图,大多需要的功能都有)(The best lightweight carousel + card style + custom style, chain programming syntax)

YARA malware query accelerator (web frontend)

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

A ransomware developed in python, with bypass technics, for educational purposes.

The Hunting ELK

fupengfei058's blog

Remot3d: is a simple tool created for large pentesters as well as just for the pleasure of defacers to control server by backdoors