875 Open source projects that are alternatives of or similar to Threat Hunting

SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]

Malware sample library.

Various snippets created during malware analysis

The PE file analysis toolkit

Threat Hunting queries for various attacks

Android Reverse-Engineering Workbench for VS Code

Find phishing kits which use your brand/organization's files and image.

Sandbox for automated Linux malware analysis.

All-in-one bundle of MISP, TheHive and Cortex

An open source script to perform malware static analysis on Portable Executable

A Linux Ransomware

Distributed malware processing framework based on Python, Redis and MinIO.

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Kaspersky's GReAT KLara

Sandboxed Execution Environment

Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module

A collection of malware samples caught by several honeypots i manage

Utilities for Sysmon

Norimaci is a simple and lightweight malware analysis sandbox for macOS

BONOMEN - Hunt for Malware Critical Process Impersonation

Maltego CaseFile entities for information security investigations, malware analysis and incident response

A Python library and command line tools to provide interactive log visualization.

A repository of my completed writeups, along with the samples themselves.

Builds malware analysis Windows VMs so that you don't have to.

Real-time Packet Observation Tool

CLI tool to analyze PE files

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

A simple threat hunting tool based on osquery, Salt Open and Cymon API

Batch Antivirus, a powerful antivirus suite written in batch with real-time protection and heuristical scanning.

OLE Package Format Documentation

Telegram RAT written in Python

OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

The repository contains the python implementation of the Android Malware Detection paper: "Empirical assessment of machine learning-based malware detectors for Android: Measuring the Gap between In-the-Lab and In-the-Wild Validation Scenarios"

Django application that performs SAST and Malware Analysis for Android APKs

Malware Analysis, Threat Intelligence and Reverse Engineering: LABS

Saydog Framework

Explore Indicators of Compromise Automatically

Malware Data Science Reading Diary / Notes

Real-time HTTP Intrusion Detection

WinAppDbg Debugger

Various scripts for different malware families

Signature base for my scanner tools

PatrowlHears - Vulnerability Intelligence Center / Exploits

A SDK for the creation of analysis tools without obtaining app source code in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.

DDoor - cross platform backdoor using dns txt records

There is more than google: A collection of great online maps 🌍🗺🌎

Monad, Functional Programming features for Golang

Vxheaven.org website's mirror

internet monitoring osint telegram bot for windows

Prototype Lua object-oriented program system, with many modern features like attribute, overload, etc. For Lua 5.1 or above, include luajit

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Forensics artefact collection tool for systems running Microsoft Windows

Automatically updated, moderated and optimized lists for blocking ads, trackers, malware and other garbage

Tools for the Computer Incident Response Team 💻

www.rootkit.com users section mirror, sql database dump, and a few other files/rootkits.

Splunk code (SPL) useful for serious threat hunters.

44 Collect free icon sets for iconjar. 收集免费的图标包，iconjar 格式（44套）。

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

A curated list of awesome threat detection and hunting resources