threat
There are 185 repositories under threat topic.
teler-sh/teler
Real-time HTTP Intrusion Detection
Yamato-Security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
activecm/rita-legacy
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
mandiant/ThreatPursuit-VM
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
certtools/intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
toolswatch/vFeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
cyberark/SkyArk
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Yamato-Security/WELA-deprecated
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
TonyPhipps/SIEM
SIEM Tactics, Techiques, and Procedures
manifoldfinance/defi-threat
a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations on decentralized finance
TonyPhipps/Meerkat
A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
TalEliyahu/Threat_Model_Examples
A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigating security risks.
stanfrbd/cyberbro
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
SupportIntelligence/Icewater
16,432 Free Yara rules created by
opencybersecurityalliance/kestrel-lang
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
Aabyss-Team/Ban-Hacker-IP-Plan
国内恶意IP封禁计划,还赛博空间一片朗朗乾坤
opencybersecurityalliance/stix-shifter
This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.
rastrea2r/rastrea2r
Collecting & Hunting for IOCs with gusto and style
Patrowl/PatrowlHears
PatrowlHears - Vulnerability Intelligence Center / Exploits
SoulSec/resource-threat-hunting
Repository resource for threat hunter
docbleach/DocBleach
:shower: Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software
Graylog2/graylog-plugin-threatintel
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
usnistgov/mobile-threat-catalogue
NIST/NCCoE Mobile Threat Catalogue
Yamato-Security/suzaku
Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
yevh/TaaC-AI
AI-driven Threat modeling-as-a-Code (TaaC-AI)
ine-labs/ThreatSeeker
ThreatSeeker: Threat Hunting via Windows Event Logs
jymcheong/SysmonResources
Consolidation of various resources related to Microsoft Sysmon & sample data/log
monarc-project/MonarcAppFO
MONARC - Method for an Optimised aNAlysis of Risks by @NC3-LU
CERTCC/Vulnerability-Data-Archive
With the hope that someone finds the data useful, we used to periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
CloudDefenseAI/falco_extended_rules
Curating Falco rules with MITRE ATT&CK Matrix
rusakovichma/TicTaaC
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used
redrays-io/SAP-Threat-Modeling
The SAP Threat Modeling Tool is an on-premises open-source web application designed to analyze and visualize connections between SAP systems, helping users identify security risks and vulnerabilities. With features like inputting SAP credentials, scanning for connections, and visualizing the network.
vc0RExor/Quick-Analysis
Quick analysis focusing on most important of a Malware or a Threat
MHaggis/app_splunk_sysmon_hunter
Splunk App to assist Sysmon Threat Hunting
EsreverWoW/ClassicThreatMeter
A simple threat meter for WoW Classic (1.13.2)