IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1101.14%)
OrianaOriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
Stars: ✭ 152 (-13.64%)
WatcherWatcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Stars: ✭ 324 (+84.09%)
evtx-hunterevtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (-30.68%)
PowerGRRPowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.
Stars: ✭ 52 (-70.45%)
ThreatpinchlookupDocumentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (+46.02%)
Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (-58.52%)
MindMaps#ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+27.27%)
BeagleBeagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+454.55%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-40.34%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+106.25%)
YAFRAYAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-87.5%)
Apt HunterAPT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
Stars: ✭ 297 (+68.75%)
rhqRecon Hunt Queries
Stars: ✭ 66 (-62.5%)
MthcAll-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (-23.86%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-7.95%)
fastfinderIncident Response - Fast suspicious file finder
Stars: ✭ 116 (-34.09%)
ir scriptsincident response scripts
Stars: ✭ 17 (-90.34%)
FclFCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Stars: ✭ 409 (+132.39%)
ThreathuntThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-47.73%)
AwesomeA curated list of awesome things related to TheHive & Cortex
Stars: ✭ 88 (-50%)
Threatbus🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (-21.02%)
TelerReal-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+609.09%)
SiemSIEM Tactics, Techiques, and Procedures
Stars: ✭ 157 (-10.8%)
Sysmon ModularA repository of sysmon configuration modules
Stars: ✭ 1,229 (+598.3%)
PatrowlhearsPatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-49.43%)
Thehive4pyPython API Client for TheHive
Stars: ✭ 143 (-18.75%)
Hunting Mindmaps🔍 Mindmaps for threat hunting - work in progress.
Stars: ✭ 86 (-51.14%)
ResponseMonzo's real-time incident response and reporting tool ⚡️
Stars: ✭ 1,252 (+611.36%)
Edr Testing ScriptTest the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (-22.73%)
Ee OutliersOpen-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (-2.27%)
Threathunting SplSplunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (-33.52%)
Signature BaseSignature base for my scanner tools
Stars: ✭ 1,212 (+588.64%)
Yara EndpointYara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
Stars: ✭ 75 (-57.39%)
ThreathuntingTools for hunting for threats.
Stars: ✭ 153 (-13.07%)
Malware FeedBringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-60.8%)
ScriptingPS / Bash / Python / Other scripts For FUN!
Stars: ✭ 47 (-73.3%)
YetiYour Everyday Threat Intelligence
Stars: ✭ 1,037 (+489.2%)
Pcap AttackPCAP Samples for Different Post Exploitation Techniques
Stars: ✭ 175 (-0.57%)
Aurora Incident ResponseIncident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Stars: ✭ 171 (-2.84%)
Bearded AvengerCIF v3 -- the fastest way to consume threat intelligence
Stars: ✭ 152 (-13.64%)
HistoricprocesstreeAn Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Stars: ✭ 46 (-73.86%)
Ios Triageincident response tool for iOS devices
Stars: ✭ 42 (-76.14%)
Analyst CasefileMaltego CaseFile entities for information security investigations, malware analysis and incident response
Stars: ✭ 41 (-76.7%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-38.64%)
RpotReal-time Packet Observation Tool
Stars: ✭ 38 (-78.41%)
BesafeBeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you
Stars: ✭ 21 (-88.07%)
Wazuh ChefWazuh - Chef cookbooks
Stars: ✭ 9 (-94.89%)
Misp TaxonomiesTaxonomies used in MISP taxonomy system and can be used by other information sharing tool.
Stars: ✭ 168 (-4.55%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-15.34%)
Awesome YaraA curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+692.05%)