1102 Open source projects that are alternatives of or similar to YAFRA

A modular Python application to pull intelligence about malicious files

Curated list of awesome cybersecurity companies and solutions.

Malware repository component for samples & static configuration with REST API interface.

Distributed malware processing framework based on Python, Redis and MinIO.

A Python library and command line tools to provide interactive log visualization.

Recon Hunt Queries

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

A curated list of tools for incident response

FAME Automates Malware Evaluation

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

OPCDE Cybersecurity Conference Materials

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

Incident Response - Fast suspicious file finder

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

Maltego CaseFile entities for information security investigations, malware analysis and incident response

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

incident response scripts

Monitoring GitLab for sensitive data shared publicly

A concise, directive, specific, flexible, and free incident response plan template

Sandia Cyber Omni Tracker (SCOT)

A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

WIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request.

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

A curses-style interface for automatic takedown notification based on MISP events.

VirusTotal Full api

Leverage Sophos Central API

STIX data representing MITRE ATT&CK

Repository for threat hunting and detection queries, tools, etc.

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

OSINT Project

Cyber-investigation Analysis Standard Expression (CASE) Ontology

Leaked Linux.Mirai Source Code for Research/IoC Development Purposes

OpenCTI Python Client

This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

No description or website provided.

Citizen Lab Malware Reports

Cortex Analyzers Repository

ioc2rpz is a place where threat intelligence meets DNS.

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups

Exporting MISP event attributes to yara rules usable with Thor apt scanner

Standard-Format Threat Intelligence Feeds

The Ultimate OSINT and Threat Hunting Framework

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

Search a filesystem for indicators of compromise (IoC).

A python module for working with ATT&CK

Leaked pentesting manuals given to Conti ransomware crooks

Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations

A curated list of awesome resources related to executable packing

The principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.

A (nearly) production ready Dockered MISP

Capture passwords of login attempts on non-existent and disabled accounts.

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.