FileintelA modular Python application to pull intelligence about malicious files
Stars: ✭ 97 (+340.91%)
Mwdb CoreMalware repository component for samples & static configuration with REST API interface.
Stars: ✭ 125 (+468.18%)
KartonDistributed malware processing framework based on Python, Redis and MinIO.
Stars: ✭ 134 (+509.09%)
Visualize logsA Python library and command line tools to provide interactive log visualization.
Stars: ✭ 128 (+481.82%)
rhqRecon Hunt Queries
Stars: ✭ 66 (+200%)
FclFCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Stars: ✭ 409 (+1759.09%)
FameFAME Automates Malware Evaluation
Stars: ✭ 663 (+2913.64%)
Ir RescueA Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Stars: ✭ 311 (+1313.64%)
OpcdeOPCDE Cybersecurity Conference Materials
Stars: ✭ 538 (+2345.45%)
BeagleBeagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+4336.36%)
ThreathuntThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (+318.18%)
fastfinderIncident Response - Fast suspicious file finder
Stars: ✭ 116 (+427.27%)
Apt HunterAPT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
Stars: ✭ 297 (+1250%)
Analyst CasefileMaltego CaseFile entities for information security investigations, malware analysis and incident response
Stars: ✭ 41 (+86.36%)
OrianaOriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
Stars: ✭ 152 (+590.91%)
ir scriptsincident response scripts
Stars: ✭ 17 (-22.73%)
Gitlab WatchmanMonitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (+477.27%)
ScotSandia Cyber Omni Tracker (SCOT)
Stars: ✭ 206 (+836.36%)
pyiocutilsA collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).
Stars: ✭ 18 (-18.18%)
Dfw1n OsintAustralian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers
Stars: ✭ 63 (+186.36%)
WefflesBuild a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
Stars: ✭ 176 (+700%)
Whoishere.pyWIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request.
Stars: ✭ 182 (+727.27%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 154 (+600%)
misp-takedownA curses-style interface for automatic takedown notification based on MISP events.
Stars: ✭ 19 (-13.64%)
Sentinel AttackTools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+2972.73%)
ThehiveTheHive: a Scalable, Open Source and Free Security Incident Response Platform
Stars: ✭ 2,300 (+10354.55%)
IkyOSINT Project
Stars: ✭ 203 (+822.73%)
CASECyber-investigation Analysis Standard Expression (CASE) Ontology
Stars: ✭ 46 (+109.09%)
Linux.miraiLeaked Linux.Mirai Source Code for Research/IoC Development Purposes
Stars: ✭ 466 (+2018.18%)
DetectionsThis repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.
Stars: ✭ 95 (+331.82%)
Analyzer🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (+390.91%)
Ioc2rpzioc2rpz is a place where threat intelligence meets DNS.
Stars: ✭ 67 (+204.55%)
evtx-hunterevtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (+454.55%)
CCXDiggerThe CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (+104.55%)
yara-exporterExporting MISP event attributes to yara rules usable with Thor apt scanner
Stars: ✭ 22 (+0%)
ScrummageThe Ultimate OSINT and Threat Hunting Framework
Stars: ✭ 355 (+1513.64%)
RdpCacheStitcherRdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Stars: ✭ 176 (+700%)
ioc-scannerSearch a filesystem for indicators of compromise (IoC).
Stars: ✭ 31 (+40.91%)
DomainCATDomain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
Stars: ✭ 34 (+54.55%)
attack to verisThe principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.
Stars: ✭ 56 (+154.55%)
docker-mispA (nearly) production ready Dockered MISP
Stars: ✭ 184 (+736.36%)
SSHapendoesCapture passwords of login attempts on non-existent and disabled accounts.
Stars: ✭ 31 (+40.91%)
malware-persistenceCollection of malware persistence and hunting information. Be a persistent persistence hunter!
Stars: ✭ 109 (+395.45%)
Reverse-EngineeringA FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 7,234 (+32781.82%)