Galah: An LLM-powered web honeypot.
☆635 · Jul 24, 2025 · Updated 7 months ago
Alternatives and similar repositories for galah
Users that are interested in galah are comparing it to the libraries listed below
- Interactive, dynamic, and realistic LLM honeypots ☆73 · Feb 18, 2025 · Updated last year
- Modular web-application honeypot platform built using go and gin ☆63 · May 8, 2024 · Updated last year
- Code for shelLM tool ☆57 · Jan 28, 2025 · Updated last year
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE… ☆1,206 · Dec 29, 2025 · Updated 2 months ago
- DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work! ☆277 · Jun 13, 2025 · Updated 8 months ago
- ☆568 · Mar 28, 2024 · Updated last year
- ☆105 · Dec 9, 2025 · Updated 2 months ago
- Live Feed of C2 servers, tools, and botnets ☆751 · Updated this week
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆151 · Sep 21, 2024 · Updated last year
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre… ☆51 · Nov 16, 2024 · Updated last year
- Intel Retrieval Augmented Generation (RAG) Utilities ☆91 · Jan 29, 2024 · Updated 2 years ago
- Threat-hunting tool for Linux ☆1,046 · Feb 16, 2026 · Updated 2 weeks ago
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in… ☆35 · Oct 21, 2025 · Updated 4 months ago
- AIL project training materials ☆39 · Feb 24, 2026 · Updated last week
- This project aims to compare and evaluate the telemetry of various EDR products. ☆1,930 · Jan 20, 2026 · Updated last month
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) ☆224 · Sep 4, 2024 · Updated last year
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… ☆774 · Jan 28, 2025 · Updated last year
- Generate datasets of cloud audit logs for common attacks ☆234 · Feb 13, 2026 · Updated 3 weeks ago
- Mapping of open-source detection rules and atomic tests. ☆202 · Feb 16, 2026 · Updated 2 weeks ago
- A public collection of detections designed to detect threats associated with the Okta WIC Platform. ☆14 · Jan 5, 2026 · Updated 2 months ago
- JA4+ is a suite of network fingerprinting standards ☆1,785 · Feb 17, 2026 · Updated 2 weeks ago
- Fingerprint-aware TLS reverse proxy. Use Finch to outsmart bad traffic—collect client fingerprints (JA3, JA4 +QUIC, JA4H, HTTP/2) and act… ☆286 · Dec 6, 2025 · Updated 3 months ago
- Repository that contains a set of purposefully erroneous Yara rules. ☆62 · Jul 23, 2025 · Updated 7 months ago
- Signature based honeypot detector tool written in Golang ☆108 · Mar 22, 2025 · Updated 11 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … ☆303 · Updated this week
- NOVA: The Prompt Pattern Matching ☆109 · Jan 27, 2026 · Updated last month
- Automating situational awareness for cloud penetration tests. ☆2,299 · Updated this week
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules. ☆339 · Updated this week
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. ☆3,051 · Feb 24, 2026 · Updated last week
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs). ☆412 · Updated this week
- A Powerful Network Reconnaissance Tool for Security Professionals ☆106 · Dec 29, 2024 · Updated last year
- A web fuzzer using the httpipe format ☆98 · Mar 29, 2024 · Updated last year
- Practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response ☆408 · Dec 29, 2023 · Updated 2 years ago
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de… ☆816 · Feb 17, 2025 · Updated last year
- A modular vulnerability scanner with automatic report generation capabilities. ☆1,135 · Updated this week
- Automation tool for Windows Deception Host Burn-In ☆86 · Dec 4, 2024 · Updated last year
- Windows Events Attack Samples ☆2,517 · Jan 24, 2023 · Updated 3 years ago
- Public Repo for Atomic Test Harness ☆284 · Apr 8, 2025 · Updated 10 months ago
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on. ☆106 · Nov 24, 2023 · Updated 2 years ago