28 results found Sort:

teler-sh
teler teler-sh
252
3.0k
apache-2.0
51
Real-time HTTP Intrusion Detection
go ids log iocs logs golang threat intrusion analyze-logs log-analyzer threat-rules threat-hunting threat-analyzer intrusion-detection threat-intelligence intrusion-detection-system
This repository has been archived (exclude archived)
Created 2020-07-21
843 commits to v2 branch, last one 9 months ago
activecm
rita-legacy activecm
362
2.5k
gpl-3.0
112
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
dga dns bhis logs rita beacon threat bro-ids analysis blueteam scanning security analytics dns-tunneling beacon-sniffer network-traffic offensive-countermeasures
Created 2016-09-24
850 commits to master branch, last one 4 months ago
Yamato-Security
hayabusa Yamato-Security
203
2.3k
agpl-3.0
42
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
dfir logs rust event sigma attack threat yamato hunting windows hayabusa incident response security detection forensics cybersecurity threat-hunting incident-response security-automation
Created 2020-09-18
4,390 commits to main branch, last one 12 hours ago
mandiant
ThreatPursuit-VM mandiant
248
1.2k
other
70
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well a...
cyber threat fireeye malware mandiant analytics data-science intelligence threathunting virtual-machine threatintelligence intelligence-analysis
This repository has been archived (exclude archived)
Created 2020-09-16
16 commits to master branch, last one about a year ago
certtools
intelmq certtools
296
975
agpl-3.0
77
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
ioc cert ihap csirt feeds alerts python threat malware handling incident phishing automation intelligence cybersecurity incident-response
Created 2014-06-24
8,002 commits to develop branch, last one 17 days ago
toolswatch
vFeed toolswatch
243
933
other
113
The Correlated CVE Vulnerability And Threat Intelligence Database API
cve cwe oval scap capec vfeed python threat exploits threatintel vulnerability threat-intelligence intelligence-gathering vulnerability-scanners vulnerability-databases vulnerability-detection threat-intelligence-database vulnerability-database-entry vulnerability-identification common-vulnerability-exposure
Created 2013-05-20
81 commits to master branch, last one 3 years ago
cyberark
SkyArk cyberark
161
874
mit
41
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
aws azure cloud admins threat attacker powershell privileges cloud-security security-tools
Created 2018-03-15
209 commits to master branch, last one 2 years ago
Yamato-Security
WELA Yamato-Security
82
763
gpl-3.0
18
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
log dfir logs event sigma threat hunting windows analysis incident response timeline forensics
Created 2021-05-13
131 commits to main branch, last one about a year ago
TonyPhipps
SIEM TonyPhipps
102
586
gpl-3.0
32
SIEM Tactics, Techiques, and Procedures
log red soc blue hunt scan siem team recon purple threat triage monitor analysis baseline incident response security forensics threat-hunting
Created 2018-08-02
416 commits to master branch, last one 29 days ago
manifoldfinance
defi-threat manifoldfinance
53
487
mpl-2.0
22
a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations on decentralized finance
cve evm defi nfts erc20 erc721 threat infosec ethereum solidity advisories blockchain kill-chain defi-threat threat-matrix smart-contracts smart-contracts-audit
Created 2020-08-25
38 commits to master branch, last one 5 months ago
TonyPhipps
Meerkat TonyPhipps
82
435
gpl-3.0
31
A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
log red soc blue hunt scan siem team recon purple threat triage monitor analysis baseline incident response security forensics threat-hunting
Created 2018-02-08
510 commits to master branch, last one 5 days ago
TalEliyahu
Threat_Model_Examples TalEliyahu
55
383
unknown
12
Collection of Threat Models
threat risk-assessment threat-analysis threat-modeling
Created 2022-05-26
46 commits to main branch, last one 2 years ago
EXP-Tools
threat-broadcast EXP-Tools
181
374
gpl-3.0
11
威胁情报播报
cve safe threat broadcast programming
Created 2020-04-23
11,897 commits to master branch, last one about an hour ago
opencybersecurityalliance
kestrel-lang opencybersecurityalliance
51
300
apache-2.0
16
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
threat language security threatintel cybersecurity hacktoberfest security-tools threat-hunting security-automation threat-intelligence
Created 2021-05-18
1,718 commits to develop branch, last one about a month ago
rastrea2r
rastrea2r rastrea2r
53
238
mit
17
Collecting & Hunting for IOCs with gusto and style
ioc threat hunting security-tools
Created 2018-05-01
73 commits to master branch, last one 4 years ago
opencybersecurityalliance
stix-shifter opencybersecurityalliance
232
231
other
34
This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.
ocsf stix stix2 python threat security threatintel cybersecurity hacktoberfest security-tools threat-hunting security-automation threat-intelligence
Created 2018-05-11
1,413 commits to develop branch, last one 22 days ago
Aabyss-Team
Ban-Hacker-IP-Plan Aabyss-Team
24
213
gpl-3.0
2
国内恶意IP封禁计划,还赛博空间一片朗朗乾坤
ioc ban-ip hacker malice threat ban-bot ban-hosts intelligence threat-intelligence
Created 2024-02-22
54 commits to main branch, last one 3 months ago
Patrowl
PatrowlHears Patrowl
52
159
agpl-3.0
12
PatrowlHears - Vulnerability Intelligence Center / Exploits
api cpe cve soc cvss secops threat patrowl exploits automation threatintel cybersecurity threat-hunting vulnerabilities exploits-scripts threat-intelligence vulnerability-scanning vulnerability-detection vulnerability-intelligence vulnerability-identification
Created 2020-01-20
149 commits to master branch, last one about a month ago
Graylog2
graylog-plugin-threatintel Graylog2
19
150
other
28
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
otx abuse whois threat graylog spamhaus threatintel threat-score whois-lookup graylog-plugin threat-analysis whois-information
Created 2016-09-14
461 commits to master branch, last one about a year ago
usnistgov
mobile-threat-catalogue usnistgov
40
143
other
24
NIST/NCCoE Mobile Threat Catalogue
nist mobile threat catalogue
Created 2016-09-19
1,108 commits to nist-pages branch, last one about a year ago
ine-labs
ThreatSeeker ine-labs
13
114
mit
5
ThreatSeeker: Threat Hunting via Windows Event Logs
evtx sysmon threat windows log-analysis threat-detection threat-intelligence
Created 2023-04-11
4 commits to master branch, last one about a year ago
yevh
TaaC-AI yevh
12
114
unknown
5
AI-driven Threat modeling-as-a-Code (TaaC-AI)
ai gpt taac gpt-3 gpt-4 threat claude-3 devsecops mistral-7b llm-security threat-models threat-modeling secure-development application-security threat-modeling-tool threat-modeling-from-code
Created 2023-12-14
67 commits to main branch, last one 5 months ago
jymcheong
SysmonResources jymcheong
23
104
unknown
3
Consolidation of various resources related to Microsoft Sysmon & sample data/log
sysmon threat threat-hunting
Created 2018-01-24
650 commits to master branch, last one 3 years ago
monarc-project
MonarcAppFO monarc-project
38
101
agpl-3.0
14
MONARC - Method for an Optimised aNAlysis of Risks by @NC3-LU
cases monarc threat security governance cybersecurity risk-analysis risk-treatment risk-assessment risk-evaluation vulnerabilities
Created 2016-09-12
1,080 commits to master branch, last one 2 days ago
CloudDefenseAI
falco_extended_rules CloudDefenseAI
13
74
apache-2.0
2
Curating Falco rules with MITRE ATT&CK Matrix
cspm cnapp falco devops threat malware security zero-day devsecops kuberentes cloudsecurity security-tools threat-analysis threat-modeling malware-analysis workload-security container-security kubernetes-security vulnerability-scanners vulnerability-detection
Created 2023-03-21
46 commits to master branch, last one 8 months ago
rusakovichma
TicTaaC rusakovichma
16
55
apache-2.0
4
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for ...
appsec threat devsecops threat-model threat-models threat-modeling secure-development application-security threat-modeling-tool threat-modeling-from-code
Created 2021-08-26
175 commits to master branch, last one 4 months ago
redrays-io
SAP-Threat-Modeling redrays-io
13
47
mit
2
The SAP Threat Modeling Tool is an on-premises open-source web application designed to analyze and visualize connections between SAP systems, helping users identify security risks and vulnerabilities....
sap threat modeling security sap-security threat-modeling
Created 2024-04-23
6 commits to master branch, last one 6 months ago
vc0RExor
Quick-Analysis vc0RExor
6
39
unknown
3
Quick analysis focusing on most important of a Malware or a Threat
threat malware research quick-analysis
Created 2021-09-30
37 commits to main branch, last one about a year ago