threat-analysis

There are 93 repositories under threat-analysis topic.

MISP/MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Language:PHP5.9k 283 6.9k1.5k
cowrie/cowrie
Cowrie SSH/Telnet Honeypot https://docs.cowrie.org/
Language:Python5.9k 121 999974
deepfence/ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
Language:TypeScript5.1k 54 606628
CYB3RMX/Qu1cksc0pe
All-in-One malware analysis tool.
Language:YARA1.7k 29 33224
InQuest/ThreatIngestor
Extract and aggregate threat intelligence.
Language:Python881 40 102136
satan1a/TheRoadOfSO
学习安全运营的记录 | The knowledge base of security operation
Language:HTML837 9 1174
ion-storm/sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
Language:PowerShell809 87 22144
TalEliyahu/Threat_Model_Examples
A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigating security risks.
458 11 071
utkusen/baitroute
A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers
Language:Go431 1 124
zdhenard42/SOC-Multitool
A powerful and user-friendly browser extension that streamlines investigations for security professionals.
Language:JavaScript350 10 642
utmstack/UTMStack
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
Language:Java325 10 26033
ecstatic-nobel/OSweep
Don't Just Search OSINT. Sweep It.
Language:Python316 27 1064
t4d/PhishingKitHunter
Find phishing kits which use your brand/organization's files and image.
Language:Python235 16 157
jackaduma/SecBERT
pretrained BERT model for cyber security text, learned CyberSecurity Knowledge
Language:Python188 5 533
alvin-tosh/Infosec-and-Hacking-Scripts
🚀 This is a collection of hacking🔥 and pentesting 🧐 scripts to help with enumeration, OSINT, exploitation and post exploitation automated scripts to make hacking easier🌠. Have fun!😎
Language:Python177 6 047
Graylog2/graylog-plugin-threatintel
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
Language:Java155 27 8419
mthcht/ThreatIntel-Reports
Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
Language:Python136 4 315
ecstatic-nobel/Analyst-Arsenal
A toolkit for Security Researchers
Language:Python128 6 633
401trg/detections
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.
Language:Python122 25 020
ethansilvas/google-cybersecurity
Projects, notes, and write-ups I have done while completing the Google Cybersecurity Certificate
Language:Jupyter Notebook122 3 026
curated-intel/Threat-Actor-Profile-Guide
The Threat Actor Profile Guide for CTI Analysts
106 4 014
CERTCC/Vulnerability-Data-Archive
With the hope that someone finds the data useful, we used to periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
96 12 422
CloudDefenseAI/falco_extended_rules
Curating Falco rules with MITRE ATT&CK Matrix
Language:Python84 2 015
jackaduma/ThreatReportExtractor
Extracting Attack Behavior from Threat Reports
Language:Python76 3 118
tatsuiman/malware-traffic-analysis.net
Download pcap files from http://www.malware-traffic-analysis.net/
75 4 122
bobby-tablez/IP-Obfuscator
Hide an IP address in scripts using hex/decimal/octal conversions
Language:PowerShell71 1 110
jh00nbr/Phishruffus
Intelligent threat hunter and phishing servers
Language:Python47 4 125
paulveillard/cybersecurity-threat-detection
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Detection & Hunting.
41 5 09
Truvis/Suricata_Threat-Hunting-Rules
Collection of Suricata rule sets that I use modified to my environments.
39 4 011
danieleperera/SocAnalystArsenal
Quick SOC L1 ticket structure
Language:Python35 3 013
AzAgarampur/PsForge
Process Hollowing demonstration & explanation
Language:C++34 5 010
security-union/going-fishing-with-my-raspberry-pi
23 8 06
401trg/utilities
This repository contains tools used by 401trg.
Language:Python20 3 04
trickest/packages
Automated compromise detection of the world's most popular packages
17 3 03
SCS-Labs/TheWatchList
Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
16 2 01
wisepythagoras/honeyshell
An SSH honeypot written entirely in Go.
Language:Go13 2 02

threat-analysis

MISP/MISP

cowrie/cowrie

deepfence/ThreatMapper

CYB3RMX/Qu1cksc0pe

InQuest/ThreatIngestor

satan1a/TheRoadOfSO

ion-storm/sysmon-config

TalEliyahu/Threat_Model_Examples

utkusen/baitroute

zdhenard42/SOC-Multitool

utmstack/UTMStack

ecstatic-nobel/OSweep

t4d/PhishingKitHunter

jackaduma/SecBERT

alvin-tosh/Infosec-and-Hacking-Scripts

Graylog2/graylog-plugin-threatintel

mthcht/ThreatIntel-Reports

ecstatic-nobel/Analyst-Arsenal

401trg/detections

ethansilvas/google-cybersecurity

curated-intel/Threat-Actor-Profile-Guide

CERTCC/Vulnerability-Data-Archive

CloudDefenseAI/falco_extended_rules

jackaduma/ThreatReportExtractor

tatsuiman/malware-traffic-analysis.net

bobby-tablez/IP-Obfuscator

jh00nbr/Phishruffus

paulveillard/cybersecurity-threat-detection

Truvis/Suricata_Threat-Hunting-Rules

danieleperera/SocAnalystArsenal

AzAgarampur/PsForge

security-union/going-fishing-with-my-raspberry-pi

401trg/utilities

trickest/packages

SCS-Labs/TheWatchList

wisepythagoras/honeyshell