29 results found Sort:

kitabisa
teler kitabisa
247
3.0k
apache-2.0
51
Real-time HTTP Intrusion Detection
go ids log iocs logs golang threat intrusion analyze-logs log-analyzer threat-rules threat-hunting threat-analyzer intrusion-detection threat-intelligence intrusion-detection-system
This repository has been archived (exclude archived)
Created 2020-07-21
843 commits to v2 branch, last one 3 months ago
activecm
rita activecm
359
2.5k
gpl-3.0
112
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
dga dns bhis logs rita beacon threat bro-ids analysis blueteam scanning security analytics dns-tunneling beacon-sniffer network-traffic offensive-countermeasures
Created 2016-09-24
847 commits to master branch, last one 4 months ago
Yamato-Security
hayabusa Yamato-Security
171
2.0k
gpl-3.0
42
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
dfir logs rust event sigma attack threat yamato hunting windows hayabusa incident response security detection forensics cybersecurity threat-hunting incident-response security-automation
Created 2020-09-18
4,059 commits to main branch, last one 3 days ago
mandiant
ThreatPursuit-VM mandiant
241
1.2k
other
70
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well a...
cyber threat fireeye malware mandiant analytics data-science intelligence threathunting virtual-machine threatintelligence intelligence-analysis
Created 2020-09-16
16 commits to master branch, last one about a year ago
certtools
intelmq certtools
294
941
agpl-3.0
74
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
ioc cert ihap csirt feeds alerts python threat malware handling incident phishing automation intelligence cybersecurity incident-response
Created 2014-06-24
7,947 commits to develop branch, last one 26 days ago
toolswatch
vFeed toolswatch
244
922
other
113
The Correlated CVE Vulnerability And Threat Intelligence Database API
cve cwe oval scap capec vfeed python threat exploits threatintel vulnerability threat-intelligence intelligence-gathering vulnerability-scanners vulnerability-databases vulnerability-detection threat-intelligence-database vulnerability-database-entry vulnerability-identification common-vulnerability-exposure
Created 2013-05-20
81 commits to master branch, last one 3 years ago
cyberark
SkyArk cyberark
155
853
mit
41
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
aws azure cloud admins threat attacker powershell privileges cloud-security security-tools
Created 2018-03-15
209 commits to master branch, last one about a year ago
izar
pytm izar
161
847
other
43
A Pythonic framework for threat modeling
dfd threat diagram threats dataflow hacktoberfest threat-modeling sequence-diagram data-flow-diagram hacktoberfest2021 pythonic-framework secure-development hacktoberfest-accepted threat-modeling-from-code
Created 2018-05-14
514 commits to master branch, last one 3 days ago
Yamato-Security
WELA Yamato-Security
74
680
gpl-3.0
17
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
log dfir logs event sigma threat hunting windows analysis incident response timeline forensics
Created 2021-05-13
131 commits to main branch, last one about a year ago
TonyPhipps
SIEM TonyPhipps
97
525
gpl-3.0
32
SIEM Tactics, Techiques, and Procedures
log red soc blue hunt scan siem team recon purple threat triage monitor analysis baseline incident response security forensics threat-hunting
Created 2018-08-02
390 commits to master branch, last one 15 days ago
manifoldfinance
defi-threat manifoldfinance
53
480
mpl-2.0
22
a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations on decentralized finance
cve evm defi nfts erc20 erc721 threat infosec ethereum solidity advisories blockchain kill-chain defi-threat threat-matrix smart-contracts smart-contracts-audit
Created 2020-08-25
37 commits to master branch, last one about a year ago
TonyPhipps
Meerkat TonyPhipps
84
426
gpl-3.0
31
A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
log red soc blue hunt scan siem team recon purple threat triage monitor analysis baseline incident response security forensics threat-hunting
Created 2018-02-08
442 commits to master branch, last one 16 days ago
EXP-Tools
threat-broadcast EXP-Tools
174
357
gpl-3.0
9
威胁情报播报
cve safe threat broadcast programming
Created 2020-04-23
11,439 commits to master branch, last one 16 hours ago
TalEliyahu
Threat_Model_Examples TalEliyahu
52
346
unknown
12
Collection of Threat Models
threat risk-assessment threat-analysis threat-modeling
Created 2022-05-26
46 commits to main branch, last one 2 years ago
opencybersecurityalliance
kestrel-lang opencybersecurityalliance
50
280
apache-2.0
14
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
threat language security threatintel cybersecurity hacktoberfest security-tools threat-hunting security-automation threat-intelligence
Created 2021-05-18
1,487 commits to develop branch, last one 16 days ago
rastrea2r
rastrea2r rastrea2r
53
234
mit
18
Collecting & Hunting for IOCs with gusto and style
ioc threat hunting security-tools
Created 2018-05-01
73 commits to master branch, last one 4 years ago
opencybersecurityalliance
stix-shifter opencybersecurityalliance
227
218
other
35
This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.
ocsf stix stix2 python threat security threatintel cybersecurity hacktoberfest security-tools threat-hunting security-automation threat-intelligence
Created 2018-05-11
1,368 commits to develop branch, last one a day ago
Aabyss-Team
Ban-Hacker-IP-Plan Aabyss-Team
19
160
gpl-3.0
1
国内恶意IP封禁计划,还赛博空间一片朗朗乾坤
ioc ban-ip hacker malice threat ban-bot ban-hosts intelligence threat-intelligence
Created 2024-02-22
39 commits to main branch, last one 3 months ago
Patrowl
PatrowlHears Patrowl
52
154
agpl-3.0
12
PatrowlHears - Vulnerability Intelligence Center / Exploits
api cpe cve soc cvss secops threat patrowl exploits automation threatintel cybersecurity threat-hunting vulnerabilities exploits-scripts threat-intelligence vulnerability-scanning vulnerability-detection vulnerability-intelligence vulnerability-identification
Created 2020-01-20
145 commits to master branch, last one about a year ago
Graylog2
graylog-plugin-threatintel Graylog2
21
145
other
28
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
otx abuse whois threat graylog spamhaus threatintel threat-score whois-lookup graylog-plugin threat-analysis whois-information
Created 2016-09-14
461 commits to master branch, last one about a year ago
usnistgov
mobile-threat-catalogue usnistgov
40
141
other
24
NIST/NCCoE Mobile Threat Catalogue
nist mobile threat catalogue
Created 2016-09-19
1,108 commits to nist-pages branch, last one 9 months ago
monarc-project
MonarcAppFO monarc-project
38
98
agpl-3.0
15
MONARC - Method for an Optimised aNAlysis of Risks by @NC3-LU
cases monarc threat security governance cybersecurity risk-analysis risk-treatment risk-assessment risk-evaluation vulnerabilities
Created 2016-09-12
1,048 commits to master branch, last one 17 days ago
jymcheong
SysmonResources jymcheong
23
95
unknown
3
Consolidation of various resources related to Microsoft Sysmon & sample data/log
sysmon threat threat-hunting
Created 2018-01-24
650 commits to master branch, last one 2 years ago
ine-labs
ThreatSeeker ine-labs
9
89
mit
5
ThreatSeeker: Threat Hunting via Windows Event Logs
evtx sysmon threat windows log-analysis threat-detection threat-intelligence
Created 2023-04-11
4 commits to master branch, last one about a year ago
yevh
TaaC-AI yevh
9
85
unknown
2
AI-driven Threat modeling-as-a-Code (TaaC-AI)
ai gpt taac gpt-3 gpt-4 threat claude-3 devsecops mistral-7b llm-security threat-models threat-modeling secure-development application-security threat-modeling-tool threat-modeling-from-code
Created 2023-12-14
61 commits to main branch, last one about a month ago
CloudDefenseAI
falco_extended_rules CloudDefenseAI
11
72
apache-2.0
2
Curating Falco rules with MITRE ATT&CK Matrix
cspm cnapp falco devops threat malware security zero-day devsecops kuberentes cloudsecurity security-tools threat-analysis threat-modeling malware-analysis workload-security container-security kubernetes-security vulnerability-scanners vulnerability-detection
Created 2023-03-21
46 commits to master branch, last one 2 months ago
rusakovichma
TicTaaC rusakovichma
11
49
apache-2.0
4
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for ...
appsec threat devsecops threat-model threat-models threat-modeling secure-development application-security threat-modeling-tool threat-modeling-from-code
Created 2021-08-26
174 commits to master branch, last one 7 days ago
redrays-io
SAP-Threat-Modeling redrays-io
8
37
mit
2
The SAP Threat Modeling Tool is an on-premises open-source web application designed to analyze and visualize connections between SAP systems, helping users identify security risks and vulnerabilities....
sap threat modeling security sap-security threat-modeling
Created 2024-04-23
6 commits to master branch, last one about a month ago
vc0RExor
Quick-Analysis vc0RExor
6
36
unknown
3
Quick analysis focusing on most important of a Malware or a Threat
threat malware research quick-analysis
Created 2021-09-30
37 commits to main branch, last one 9 months ago