MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Translation - MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formerly known as Malware Information Sharing Platform)
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Translation - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
Translation - Suricata git repository maintained by OISF
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Translation - The threat hunter's playbook, helping to develop hunting techniques and hypotheses.
Real-time HTTP Intrusion Detection
Windows Events Attack Samples
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset, that detects APT movements hidden in the sea of Windows event logs to decrease the time to uncover suspi...
Translation - APT-Hunter is a threat hunting tool for Windows event logs; its purple team mindset lets the tool detect APT movements hidden in Windows event logs, reducing the time needed to uncover suspicious activity
An Active Defense and EDR software to empower Blue Teams
Translation - Active defense and EDR software that strengthens Blue Teams' capabilities
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to U...
Translation - Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine seeking additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
A tool for OSINT based threat hunting
Translation - An assistant for running OSINT queries and continuously managing the results
Production-ready detection & response queries for osquery
JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.
A powerful and user-friendly browser extension that streamlines investigations for security professionals.
Repository created with the aim of gathering information, sources (websites/portals) and OSINT tricks within the Brazilian context.