threat-analysis
There are 87 repositories under the threat-analysis topic.
MISP/MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
cowrie/cowrie
Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
deepfence/ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
CYB3RMX/Qu1cksc0pe
All-in-One malware analysis tool.
InQuest/ThreatIngestor
Extract and aggregate threat intelligence.
ion-storm/sysmon-config
Advanced Sysmon ATT&CK configuration focused on detecting the most techniques per data source in MITRE ATT&CK, providing visibility into forensic artifact events for UEBA, detecting exploitation events with wide CVE coverage, and risk scoring of CVE, UEBA, forensic, and MITRE ATT&CK events.
satan1a/TheRoadOfSO
A record of learning security operations | The knowledge base of security operation
TalEliyahu/Threat_Model_Examples
Collection of Threat Models
zdhenard42/SOC-Multitool
A powerful and user-friendly browser extension that streamlines investigations for security professionals.
ecstatic-nobel/OSweep
Don't Just Search OSINT. Sweep It.
t4d/PhishingKitHunter
Find phishing kits which use your brand/organization's files and images.
jackaduma/SecBERT
Pretrained BERT model for cyber security text that has learned cyber security knowledge
Graylog2/graylog-plugin-threatintel
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
alvin-tosh/Infosec-and-Hacking-Scripts
🚀 This is a collection of hacking🔥 and pentesting 🧐 scripts for enumeration, OSINT, exploitation and post-exploitation, automated to make hacking easier🌠. Have fun!😎
ecstatic-nobel/Analyst-Arsenal
A toolkit for Security Researchers
401trg/detections
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.
curated-intel/Threat-Actor-Profile-Guide
The Threat Actor Profile Guide for CTI Analysts
CERTCC/Vulnerability-Data-Archive
With the hope that someone finds the data useful, we used to periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
jackaduma/ThreatReportExtractor
Extracting Attack Behavior from Threat Reports
CloudDefenseAI/falco_extended_rules
Curating Falco rules with MITRE ATT&CK Matrix
tatsuiman/malware-traffic-analysis.net
Download pcap files from http://www.malware-traffic-analysis.net/
ethansilvas/google-cybersecurity
Projects, notes, and write-ups I have done while completing the Google Cybersecurity Certificate
bobby-tablez/IP-Obfuscator
Hide an IP address in scripts using hex/decimal/octal conversions
jh00nbr/Phishruffus
Intelligent threat hunter and phishing servers
Truvis/Suricata_Threat-Hunting-Rules
Collection of Suricata rule sets that I use, modified for my environments.
danieleperera/SocAnalystArsenal
Quick SOC L1 ticket structure
paulveillard/cybersecurity-threat-detection
An ongoing and curated collection of awesome software best practices and remediation techniques, libraries and frameworks, e-books and videos, technical guidelines and important resources about threat detection and hunting.
AzAgarampur/PsForge
Process Hollowing demonstration & explanation
401trg/utilities
This repository contains tools used by 401trg.
SCS-Labs/TheWatchList
Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
trickest/packages
Automated compromise detection of the world's most popular packages
Heimdall-Framework/heimdall-framework
USB threat evaluation framework for Linux
MISP/misp-decaying-models
MISP decaying models
xakepnz/STRIKEWRITER
Looks up details on a public IPv4 address against ip-info and blacklist-search sites, providing a reputation check.
wisepythagoras/honeyshell
An SSH honeypot written entirely in Go.