threat

There are 150 repositories under threat topic.

teler-sh/teler
Real-time HTTP Intrusion Detection
Language:Go3k 51 69247
activecm/rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Language:Go2.5k 112 389365
Yamato-Security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Language:Rust2k 41 604178
mandiant/ThreatPursuit-VM
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
Language:PowerShell1.2k 70 39241
certtools/intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Language:Python945 74 1.2k296
toolswatch/vFeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
Language:Python922 113 70244
izar/pytm
A Pythonic framework for threat modeling
Language:Python856 42 80161
cyberark/SkyArk
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Language:PowerShell852 41 15156
Yamato-Security/WELA
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）
Language:PowerShell726 18 6177
TonyPhipps/SIEM
SIEM Tactics, Techiques, and Procedures
532 32 197
manifoldfinance/defi-threat
a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations on decentralized finance
Language:JavaScript482 22 1953
TonyPhipps/Meerkat
A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
Language:PowerShell427 31 284
SupportIntelligence/Icewater
16,432 Free Yara rules created by
Language:YARA380 36 057
EXP-Tools/threat-broadcast
威胁情报播报
Language:Python358 9 79174
TalEliyahu/Threat_Model_Examples
Collection of Threat Models
357 12 055
opencybersecurityalliance/kestrel-lang
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
Language:Python282 14 15551
rastrea2r/rastrea2r
Collecting & Hunting for IOCs with gusto and style
Language:Python235 18 453
opencybersecurityalliance/stix-shifter
This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.
Language:Python219 35 180230
Aabyss-Team/Ban-Hacker-IP-Plan
国内恶意IP封禁计划，还赛博空间一片朗朗乾坤
162 1 419
SoulSec/resource-threat-hunting
Repository resource for threat hunter
157 8 032
Patrowl/PatrowlHears
PatrowlHears - Vulnerability Intelligence Center / Exploits
Language:Python155 12 7252
docbleach/DocBleach
:shower: Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software
Language:Java146 12 4134
Graylog2/graylog-plugin-threatintel
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
Language:Java145 27 8321
usnistgov/mobile-threat-catalogue
NIST/NCCoE Mobile Threat Catalogue
Language:HTML141 24 19340
jymcheong/SysmonResources
Consolidation of various resources related to Microsoft Sysmon & sample data/log
Language:Python98 3 023
monarc-project/MonarcAppFO
MONARC - Method for an Optimised aNAlysis of Risks by @NC3-LU
Language:Shell98 15 39638
ine-labs/ThreatSeeker
ThreatSeeker: Threat Hunting via Windows Event Logs
Language:Python91 5 09
CERTCC/Vulnerability-Data-Archive
With the hope that someone finds the data useful, we used to periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
84 13 425
yevh/TaaC-AI
AI-driven Threat modeling-as-a-Code (TaaC-AI)
Language:HTML83 2 210
CloudDefenseAI/falco_extended_rules
Curating Falco rules with MITRE ATT&CK Matrix
Language:Python73 2 012
rusakovichma/TicTaaC
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used
Language:Java51 4 811
MHaggis/app_splunk_sysmon_hunter
Splunk App to assist Sysmon Threat Hunting
38 7 07
EsreverWoW/ClassicThreatMeter
A simple threat meter for WoW Classic (1.13.2)
Language:Lua37 6 377
redrays-io/SAP-Threat-Modeling
The SAP Threat Modeling Tool is an on-premises open-source web application designed to analyze and visualize connections between SAP systems, helping users identify security risks and vulnerabilities. With features like inputting SAP credentials, scanning for connections, and visualizing the network.
Language:HTML379
vc0RExor/Quick-Analysis
Quick analysis focusing on most important of a Malware or a Threat
37 3 06
h7hac9/ThreatCollector
威胁情报采集系统
Language:Python32 4 013

threat

teler-sh/teler

activecm/rita

Yamato-Security/hayabusa

mandiant/ThreatPursuit-VM

certtools/intelmq

toolswatch/vFeed

izar/pytm

cyberark/SkyArk

Yamato-Security/WELA

TonyPhipps/SIEM

manifoldfinance/defi-threat

TonyPhipps/Meerkat

SupportIntelligence/Icewater

EXP-Tools/threat-broadcast

TalEliyahu/Threat_Model_Examples

opencybersecurityalliance/kestrel-lang

rastrea2r/rastrea2r

opencybersecurityalliance/stix-shifter

Aabyss-Team/Ban-Hacker-IP-Plan

SoulSec/resource-threat-hunting

Patrowl/PatrowlHears

docbleach/DocBleach

Graylog2/graylog-plugin-threatintel

usnistgov/mobile-threat-catalogue

jymcheong/SysmonResources

monarc-project/MonarcAppFO

ine-labs/ThreatSeeker

CERTCC/Vulnerability-Data-Archive

yevh/TaaC-AI

CloudDefenseAI/falco_extended_rules

rusakovichma/TicTaaC

MHaggis/app_splunk_sysmon_hunter

EsreverWoW/ClassicThreatMeter

redrays-io/SAP-Threat-Modeling

vc0RExor/Quick-Analysis

h7hac9/ThreatCollector