Fame: FAME Automates Malware Evaluation
Stars: ✭ 663 (+276.7%)
Thehive4py: Python API Client for TheHive
Stars: ✭ 143 (-18.75%)
Cyberchef Recipes: A list of cyber-chef recipes and curated links
Stars: ✭ 619 (+251.7%)
Hunting Mindmaps: 🔍 Mindmaps for threat hunting - work in progress.
Stars: ✭ 86 (-51.14%)
Intelmq: IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Stars: ✭ 611 (+247.16%)
Cyphon: Open source incident management and response platform.
Stars: ✭ 543 (+208.52%)
Response: Monzo's real-time incident response and reporting tool ⚡️
Stars: ✭ 1,252 (+611.36%)
Fatt: FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
Stars: ✭ 490 (+178.41%)
Edr Testing Script: Test the accuracy of Endpoint Detection and Response (EDR) software with a simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (-22.73%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+149.43%)
Ee Outliers: Open-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (-2.27%)
irma: endpoint detection / live analysis & sandbox host / signature quality test
Stars: ✭ 25 (-85.8%)
Thehivedocs: Documentation of TheHive
Stars: ✭ 353 (+100.57%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+588.64%)
Threathunting Spl: Splunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (-33.52%)
Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+1880.11%)
IronNetTR: Threat research and reporting from IronNet's Threat Research Teams
Stars: ✭ 36 (-79.55%)
Opensquat: Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-15.34%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+692.05%)
Cortex4py: Python API Client for Cortex
Stars: ✭ 22 (-87.5%)
Threathunting: Tools for hunting for threats.
Stars: ✭ 153 (-13.07%)
Misp Galaxy: Clusters and elements to attach to MISP events or attributes (like threat actors)
Stars: ✭ 276 (+56.82%)
Sysmon Config: Sysmon configuration file template with default high-quality event tracing
Stars: ✭ 3,287 (+1767.61%)
Helk: The Hunting ELK
Stars: ✭ 3,097 (+1659.66%)
Yeti: Your Everyday Threat Intelligence
Stars: ✭ 1,037 (+489.2%)
Pcap Attack: PCAP Samples for Different Post Exploitation Techniques
Stars: ✭ 175 (-0.57%)
Stalkphish: StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (+45.45%)
Ios Triage: Incident response tool for iOS devices
Stars: ✭ 42 (-76.14%)
bits parser: Extract BITS jobs from the QMGR queue and store them as CSV records
Stars: ✭ 64 (-63.64%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-78.41%)
CASE: Cyber-investigation Analysis Standard Expression (CASE) Ontology
Stars: ✭ 46 (-73.86%)
aws-customer-playbook-framework: This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
Stars: ✭ 43 (-75.57%)
Besafe: BeSafe is a robust threat analyzer which helps protect your desktop environment and lets you know what's happening around you
Stars: ✭ 21 (-88.07%)
Sysmontools: Utilities for Sysmon
Stars: ✭ 903 (+413.07%)
catalyst: Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes
Stars: ✭ 91 (-48.3%)
OSINT-Brazuca: Repository created to gather OSINT information, sources (websites/portals) and tricks within the Brazilian context.
Stars: ✭ 508 (+188.64%)
Wazuh Chef: Wazuh - Chef cookbooks
Stars: ✭ 9 (-94.89%)
Misp Taxonomies: Taxonomies used in the MISP taxonomy system, which can also be used by other information sharing tools.
Stars: ✭ 168 (-4.55%)
Vendor-Threat-Triage-Lookup: Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.
Stars: ✭ 17 (-90.34%)
Apullo: A scanner for taking basic fingerprints
Stars: ✭ 22 (-87.5%)
Dovehawk: Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Stars: ✭ 97 (-44.89%)
Threathunting: A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+319.32%)
Siac: SIAC is an enterprise SIEM built on open-source technology.
Stars: ✭ 100 (-43.18%)
Awesome Sre: A curated list of Site Reliability and Production Engineering resources.
Stars: ✭ 7,687 (+4267.61%)
Sleuthkit: The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Stars: ✭ 1,948 (+1006.82%)
pyeti: Python bindings for Yeti's API
Stars: ✭ 15 (-91.48%)
Detections: This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
Stars: ✭ 95 (-46.02%)
Bashfuscator: A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Stars: ✭ 690 (+292.05%)
Bluespawn: An Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (+318.75%)
Phishingkithunter: Find phishing kits which use your brand/organization's files and images.
Stars: ✭ 177 (+0.57%)