0x4D31 / galah
Galah: An LLM-powered web honeypot.
☆635 · Jul 24, 2025 · Updated 6 months ago
Alternatives and similar repositories for galah
Users that are interested in galah are comparing it to the libraries listed below
- Modular web-application honeypot platform built using go and gin (☆63 · May 8, 2024 · Updated last year)
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE… (☆1,207 · Dec 29, 2025 · Updated last month)
- DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work! (☆274 · Jun 13, 2025 · Updated 8 months ago)
- Live Feed of C2 servers, tools, and botnets (☆745 · Updated this week)
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… (☆151 · Sep 21, 2024 · Updated last year)
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre… (☆51 · Nov 16, 2024 · Updated last year)
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in… (☆34 · Oct 21, 2025 · Updated 3 months ago)
- Intel Retrieval Augmented Generation (RAG) Utilities (☆91 · Jan 29, 2024 · Updated 2 years ago)
- Threat-hunting tool for Linux (☆1,035 · Feb 3, 2026 · Updated last week)
- AIL project training materials (☆39 · Jul 17, 2025 · Updated 6 months ago)
- This project aims to compare and evaluate the telemetry of various EDR products. (☆1,924 · Jan 20, 2026 · Updated 3 weeks ago)
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) (☆225 · Sep 4, 2024 · Updated last year)
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… (☆757 · Jan 28, 2025 · Updated last year)
- Generate datasets of cloud audit logs for common attacks (☆232 · Updated this week)
- A public collection of detections designed to detect threats associated with the Okta WIC Platform. (☆13 · Jan 5, 2026 · Updated last month)
- Mapping of open-source detection rules and atomic tests. (☆195 · Updated this week)
- JA4+ is a suite of network fingerprinting standards (☆1,761 · Updated this week)
- Fingerprint-aware TLS reverse proxy. Use Finch to outsmart bad traffic—collect client fingerprints (JA3, JA4 +QUIC, JA4H, HTTP/2) and act… (☆283 · Dec 6, 2025 · Updated 2 months ago)
- Repository that contains a set of purposefully erroneous Yara rules. (☆61 · Jul 23, 2025 · Updated 6 months ago)
- NOVA: The Prompt Pattern Matching (☆90 · Jan 27, 2026 · Updated 2 weeks ago)
- Signature based honeypot detector tool written in Golang (☆108 · Mar 22, 2025 · Updated 10 months ago)
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … (☆300 · Feb 7, 2026 · Updated last week)
- Automating situational awareness for cloud penetration tests. (☆2,289 · Feb 5, 2026 · Updated last week)
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules. (☆339 · Updated this week)
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. (☆3,014 · Feb 4, 2026 · Updated last week)
- A Powerful Network Reconnaissance Tool for Security Professionals (☆106 · Dec 29, 2024 · Updated last year)
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs). (☆411 · Updated this week)
- A web fuzzer using the httpipe format (☆98 · Mar 29, 2024 · Updated last year)
- A modular vulnerability scanner with automatic report generation capabilities. (☆1,116 · Updated this week)
- practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response (☆408 · Dec 29, 2023 · Updated 2 years ago)
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de… (☆817 · Feb 17, 2025 · Updated 11 months ago)
- Automation tool for Windows Deception Host Burn-In (☆86 · Dec 4, 2024 · Updated last year)
- Windows Events Attack Samples (☆2,507 · Jan 24, 2023 · Updated 3 years ago)
- Public Repo for Atomic Test Harness (☆283 · Apr 8, 2025 · Updated 10 months ago)
- An offensive data enrichment pipeline (☆914 · Updated this week)
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on. (☆106 · Nov 24, 2023 · Updated 2 years ago)