206 Open source projects that are alternatives of or similar to Weffles

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Explore Indicators of Compromise Automatically

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Microsoft Sentinel SOC Operations

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

Recon Hunt Queries

All-in-one bundle of MISP, TheHive and Cortex

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Incident Response - Fast suspicious file finder

incident response scripts

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

A curated list of awesome things related to TheHive & Cortex

🚌 The missing link to connect open-source threat intelligence tools.

Real-time HTTP Intrusion Detection

Windows Events Attack Samples

SIEM Tactics, Techiques, and Procedures

Wazuh - Project documentation

A repository of sysmon configuration modules

PatrowlHears - Vulnerability Intelligence Center / Exploits

Python API Client for TheHive

🔍 Mindmaps for threat hunting - work in progress.

Monzo's real-time incident response and reporting tool ⚡️

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

Open-source framework to detect outliers in Elasticsearch events

Splunk code (SPL) useful for serious threat hunters.

Signature base for my scanner tools

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

Tools for hunting for threats.

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

Bringing you the best of the worst files on the Internet.

A role-playing game for incident management training

A curated list of awesome threat detection and hunting resources

PS / Bash / Python / Other scripts For FUN!

Your Everyday Threat Intelligence

PCAP Samples for Different Post Exploitation Techniques

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

CIF v3 -- the fastest way to consume threat intelligence

Invoke-LiveResponse

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

incident response tool for iOS devices

A toolkit for Security Researchers

Maltego CaseFile entities for information security investigations, malware analysis and incident response

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Real-time Packet Observation Tool

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

PagerDuty's Incident Response Documentation.

Wazuh - Chef cookbooks

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

A curated list of awesome YARA rules, tools, and people.