MISP (core software) - Open Source Threat Intelligence and Sharing Platform
-
Updated
Dec 22, 2024 - PHP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Sysmon configuration file template with default high-quality event tracing
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
IntelOwl: manage your Threat Intelligence at scale
The Hunting ELK
A curated list of awesome YARA rules, tools, and people.
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest, VxExchange and IPInfo, and it is also able to scan Android devices against VT.
Real-time HTTP Intrusion Detection
A repository of sysmon configuration modules
YARA signature and IOC database for my scanners and tools
Interesting APT Report Collection And Some Special IOC
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Windows Events Attack Samples
Your Everyday Threat Intelligence
Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.
Add a description, image, and links to the threat-hunting topic page so that developers can more easily learn about it.
To associate your repository with the threat-hunting topic, visit your repo's landing page and select "manage topics."