threat
There are 148 repositories under the threat topic.
kitabisa/teler
Real-time HTTP Intrusion Detection
activecm/rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Yamato-Security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
mandiant/ThreatPursuit-VM
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
certtools/intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
toolswatch/vFeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
cyberark/SkyArk
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
izar/pytm
A Pythonic framework for threat modeling
Yamato-Security/WELA
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
TonyPhipps/SIEM
SIEM Tactics, Techniques, and Procedures
manifoldfinance/defi-threat
a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations on decentralized finance
TonyPhipps/Meerkat
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
SupportIntelligence/Icewater
16,432 Free Yara rules created by
TalEliyahu/Threat_Model_Examples
Collection of Threat Models
opencybersecurityalliance/kestrel-lang
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
rastrea2r/rastrea2r
Collecting & Hunting for IOCs with gusto and style
opencybersecurityalliance/stix-shifter
This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.
Aabyss-Team/Ban-Hacker-IP-Plan
A plan for blocking malicious IPs in China, to restore a clean and orderly cyberspace
SoulSec/resource-threat-hunting
Repository resource for threat hunter
Patrowl/PatrowlHears
PatrowlHears - Vulnerability Intelligence Center / Exploits
docbleach/DocBleach
:shower: Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software
Graylog2/graylog-plugin-threatintel
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
usnistgov/mobile-threat-catalogue
NIST/NCCoE Mobile Threat Catalogue
monarc-project/MonarcAppFO
MONARC - Method for an Optimised aNAlysis of Risks by @NC3-LU
jymcheong/SysmonResources
Consolidation of various resources related to Microsoft Sysmon & sample data/log
ine-labs/ThreatSeeker
ThreatSeeker: Threat Hunting via Windows Event Logs
CERTCC/Vulnerability-Data-Archive
With the hope that someone finds the data useful, we used to periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
yevh/TaaC-AI
AI-driven Threat modeling-as-a-Code (TaaC-AI)
CloudDefenseAI/falco_extended_rules
Curating Falco rules with MITRE ATT&CK Matrix
rusakovichma/TicTaaC
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-free and secure: no external dependencies are used except for chart plotting.
MHaggis/app_splunk_sysmon_hunter
Splunk App to assist Sysmon Threat Hunting
EsreverWoW/ClassicThreatMeter
A simple threat meter for WoW Classic (1.13.2)
redrays-io/SAP-Threat-Modeling
The SAP Threat Modeling Tool is an on-premises open-source web application designed to analyze and visualize connections between SAP systems, helping users identify security risks and vulnerabilities. Its features include inputting SAP credentials, scanning for connections, and visualizing the network.
vc0RExor/Quick-Analysis
Quick analysis focusing on the most important aspects of a malware sample or threat
h7hac9/ThreatCollector
Threat intelligence collection system