875 Open source projects that are alternatives of or similar to Threat Hunting

Collection of scripts for different malware analysis tasks

Malware repository component for samples & static configuration with REST API interface.

Debian packaging of Linux Malware Detect (https://github.com/rfxn/linux-malware-detect)

A command line tool to find malwares on http://openmalware.org

This repo contains logstash of various honeypots

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Yara rules written by me, for free use.

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

Malware Analysis Zoo

A Simple PE File Heuristics Scanners

Program for determining types of files for Windows, Linux and MacOS.

A tool to cluster similar executables (PEs, DEXs, and etc), extract common signature, and generate Yara patterns for malware detection.

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Threat research and reporting from IronNet's Threat Research Teams

Drltrace is a library calls tracer for Windows and Linux applications.

Free Malware Training Datasets for Machine Learning

Code written as part of our various malware investigations

Cuckoo Sandbox Dockerfile

Defanged Indicator of Compromise (IOC) Extractor.

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.

Collaborative malware analysis framework

A Python RESTful API framework for online malware analysis and threat intelligence services.

WinAppDbg Debugger

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

A Linux Ransomware

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

A comprehensive binary emulation and instrumentation platform.

Golang malware development framework

Malware sample library.

Exploit Development and Reverse Engineering with GDB Made Easy

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Droidefense: Advance Android Malware Analysis Framework

A SDK for the creation of analysis tools without obtaining app source code in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.

Malice AntiVirus Plugins

Research code & papers from members of vx-underground.

Detect silent (unwanted) changes to files on your system

SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]

Various snippets created during malware analysis

🚌 The missing link to connect open-source threat intelligence tools.

Kaspersky's GReAT KLara

Builds malware analysis Windows VMs so that you don't have to.

Utilities for Sysmon

Android Reverse-Engineering Workbench for VS Code

Sandboxed Execution Environment

A collection of malware samples caught by several honeypots i manage

Real-time Packet Observation Tool

Find phishing kits which use your brand/organization's files and image.

Norimaci is a simple and lightweight malware analysis sandbox for macOS

Sandbox for automated Linux malware analysis.

All-in-one bundle of MISP, TheHive and Cortex

Distributed malware processing framework based on Python, Redis and MinIO.

CLI tool to analyze PE files

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Maltego CaseFile entities for information security investigations, malware analysis and incident response

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Malware Analysis, Threat Intelligence and Reverse Engineering: LABS