1632 Open source projects that are alternatives of or similar to Watcher

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Explore Indicators of Compromise Automatically

ThePhish: an automated phishing email analysis tool

All-in-one bundle of MISP, TheHive and Cortex

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Malware Sample Sources

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

PatrowlHears - Vulnerability Intelligence Center / Exploits

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Microsoft Sentinel SOC Operations

Threat Hunting queries for various attacks

recon-ng modules for Censys

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

A toolkit for Security Researchers

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Bringing you the best of the worst files on the Internet.

Don't Just Search OSINT. Sweep It.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

Sandia Cyber Omni Tracker (SCOT)

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

Who and what to follow in the world of cyber security

Tracking APT IOCs

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

A curated list of tools for incident response

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

OPCDE Cybersecurity Conference Materials

Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..

Capture passwords of login attempts on non-existent and disabled accounts.

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Repository for threat hunting and detection queries, tools, etc.

CyCAT.org API back-end server including crawlers

OpenCTI Python Client

Cyber Incident Response Team Playbook Battle Cards

A Lambda-powered Security Orchestration framework for AWS GuardDuty

incident response scripts

Incident Response - Fast suspicious file finder

The Ultimate OSINT and Threat Hunting Framework

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

A concise, directive, specific, flexible, and free incident response plan template

Threat research and reporting from IronNet's Threat Research Teams

OpenCTI connectors

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.

Recon Hunt Queries

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension