advancedeng

advancedeng's Stars

• stamparm/maltrail

  Malicious traffic detection system

  Language:Python6.8k2324341.1k

• MISP/MISP

  MISP (core software) - Open Source Threat Intelligence and Sharing Platform

  Language:PHP5.6k2786.7k1.5k

• dalibo/pg_activity

  pg_activity is a top like application for PostgreSQL server activity monitoring.

  Language:Python2.6k44165181

• certsocietegenerale/FIR

  Fast Incident Response

  Language:JavaScript1.9k119229509

• ssllabs/ssllabs-scan

  A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.

  Language:Go1.7k92913243

• weppos/whois

  An intelligent — pure Ruby — WHOIS client and parser.

  Language:Ruby1.1k39389281

• gregs1104/pgtune

  PostgreSQL configuration wizard

  Language:Python1.1k491597

• certtools/intelmq

  IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

  Language:Python1k771.2k302

• OpenSOC/opensoc

  OpenSOC Apache Hadoop Code

  5781745187

• mandiant/iocs

  FireEye Publicly Shared Indicators of Compromise (IOCs)

  4641595116

• brad-sp/cuckoo-modified

  Modified edition of cuckoo

  Language:Python26956154100

• xiaozhouwang/kaggle_Microsoft_Malware

  code for kaggle competition Microsoft malware classification

  Language:Python251241145

• sandialabs/scot

  Sandia Cyber Omni Tracker (SCOT)

  Language:JavaScript245375248

• sneakerhax/PyPhisher

  Python tool for phishing

  Language:Python22618654

• MITRECND/WhoDat

  Pivotable Reverse WhoIs / PDNS Fusion with Registrant Tracking & Alerting plus API for automated queries (JSON/CSV/TXT)

  Language:Python159281038

• Malshare/MalShare-Toolkit

  Set of tools for interacting with Malshare

  Language:Python15219541

• endgameinc/binarypig

  Scalable Binary Data Extraction in Hadoop

  Language:JavaScript143501042

• fox-it/cryptophp

  CryptoPHP Indicators of Compromise

  Language:Python12937649

• chadillac/mdns_recon

  Multicast DNS and DNS service discovery daemons deployed on various systems across the Internet are misconfigured and reply to queries targeting their unicast addresses, including requests from their WAN interface. These daemons could be leveraged by attackers for sensitive information disclosure and potentially used in DDoS campaigns for reflection and in some cases amplification. This vulnerability was made public in cordination with CERT (http://www.kb.cert.org/vuls/id/550620)

  Language:Python8412129

• Masood-M/yalih

  YALIH (Yet Another Low Interaction Honeyclient) is a low Interaction Client honeypot designed to detect malicious websites through signature, anomaly and pattern matching techniques

  Language:Python6810211

• daverstephens/The-SOC-Shop

  Repository of scripts/tools that may be useful in Security Operations Centres (SOC)

  Language:Shell5433

• blackhole-em/cuckoo2STIX

  Language:Python3718113

• mjdorma/yara-ctypes

  A Python ctypes package for libyara

  Language:Python3171315

• GOVCERT-LU/ce1sus

  ARCHIVED ce1sus, a threat information database ARCHIVED

  Language:JavaScript281008

• 0xd34db33f/maltego-transforms

  Public Maltego Transforms

  Language:Python24815

• ops-trust/portal

  Ops-Trust Platform - Portal

  Language:HTML2113514

• espenfjo/FjoSpidie

  FjoSpidie Honey Client

  Language:Python17362

• iSIGHTPartners/macaroni_extension

  A browser extension that seamlessly integrates your yara match notifications into VirusTotal Intelligence.

  Language:JavaScript17801

• bryannolen/DFIR-PUBLIC

  Language:Python12502

• jackcr/yara-memory

  Yara rules to be used in memory analysis

  9602