206 Open source projects that are alternatives of or similar to Weffles

FAME Automates Malware Evaluation

Python API Client for TheHive

A list of cyber-chef recipes and curated links

🔍 Mindmaps for threat hunting - work in progress.

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

Open source incident management and response platform.

Monzo's real-time incident response and reporting tool ⚡️

FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

Extract and aggregate threat intelligence.

Open-source framework to detect outliers in Elasticsearch events

enpoint detection / live analysis & sandbox host / signatures quality test

PagerDuty's Incident Response Documentation.

Leverage Sophos Central API

Documentation of TheHive

Signature base for my scanner tools

Splunk code (SPL) useful for serious threat hunters.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Threat research and reporting from IronNet's Threat Research Teams

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

A curated list of awesome YARA rules, tools, and people.

Python API Client for Cortex

Wazuh - Puppet module

Tools for hunting for threats.

Clusters and elements to attach to MISP events or attributes (like threat actors)

A role-playing game for incident management training

Sysmon configuration file template with default high-quality event tracing

A curated list of awesome threat detection and hunting resources

The Hunting ELK

Your Everyday Threat Intelligence

PCAP Samples for Different Post Exploitation Techniques

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

incident response tool for iOS devices

Extract BITS jobs from QMGR queue and store them as CSV records

A toolkit for Security Researchers

Real-time Packet Observation Tool

Cyber-investigation Analysis Standard Expression (CASE) Ontology

This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

My personal experience in Threat Hunting and knowledge gained so far.

Utilities for Sysmon

Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

Wazuh - Chef cookbooks

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.

A scanner for taking basic fingerprints

Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

Repository for threat hunting and detection queries, tools, etc.

SIAC is an enterprise SIEM built on open-source technology.

A concise, directive, specific, flexible, and free incident response plan template

A curated list of Site Reliability and Production Engineering resources.

Threat Hunting queries for various attacks

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Python bindings for Yeti's API

This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

An Active Defense and EDR software to empower Blue Teams

Find phishing kits which use your brand/organization's files and image.