Fallenour / Venator
Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and firewall search, collects screenshots, generates report, injects captured artifacts into report, saves generated report with artifacts into a specified directory
☆21Updated 7 years ago
Alternatives and similar repositories for Venator:
Users that are interested in Venator are comparing it to the libraries listed below
- ☆30Updated 6 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Updated 6 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- ☆76Updated 6 years ago
- Use DNS to hunt for threats including DGAs☆15Updated 9 years ago
- Home to the ActorTrackr source code��☆24Updated 7 years ago
- 504 VSAgent☆23Updated 7 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Updated 9 years ago
- Six Degrees of Domain Admin☆15Updated 7 years ago
- A simple utility to check the status of and/or disable SMBv1 on Windows system via Cb Response's Live Response functionality.☆15Updated 5 years ago
- Lutech TMS EHAT-NG☆14Updated 7 years ago
- PowerShell Memory Pulling script☆19Updated 10 years ago
- Site for IWS book content☆18Updated 6 years ago
- ☆16Updated 7 years ago
- PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and ser…☆53Updated 4 months ago
- Comprehensive Pivoting Framework☆20Updated 8 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Updated 5 years ago
- ☆25Updated 8 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Updated 7 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Updated 7 years ago
- Repository for my ATT&CK analysis research.☆69Updated 5 years ago
- A collection of scripts that I've written while pentesting.☆31Updated 6 years ago
- A powershell script that prints a lot of IP and connection info to the screen☆31Updated 8 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- Scandiff is a PowerShell script to automate host discovery and scanning with nmap. After discovering and scanning hosts, scandiff perfor…☆17Updated 10 years ago
- Presentation Slides and Video links☆32Updated 3 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 6 years ago
- References for FIRST CTI 2019 Symposium presentation☆22Updated 6 years ago
- Checks observables/ioc in TheHive/Cortex against the MISP warningslists☆14Updated 7 years ago
- A collection of useful scripts☆23Updated 6 years ago