cisagov / Malcolm

Related projects ⓘ

Alternatives and complementary repositories for Malcolm

• activecm / rita-legacy
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,509Updated 3 months ago
• mitre-attack / attack-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆1,999Updated last week
• mitre / cti
  Cyber Threat Intelligence Repository expressed in STIX 2.0
  ☆1,740Updated last week
• Velocidex / velociraptor
  Digging Deeper....
  ☆2,966Updated this week
• rabobank-cdc / DeTTECT
  Detect Tactics, Techniques & Combat Threats
  ☆2,062Updated this week
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,476Updated this week
• TheHive-Project / Cortex
  Cortex: a Powerful Observable Analysis and Active Response Engine
  ☆1,342Updated last week
• olafhartong / sysmon-modular
  A repository of sysmon configuration modules
  ☆2,658Updated 2 months ago
• NextronSystems / APTSimulator
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,463Updated last year
• yeti-platform / yeti
  Your Everyday Threat Intelligence
  ☆1,739Updated this week
• OTRF / Security-Datasets
  Re-play Security Events
  ☆1,601Updated 7 months ago
• JPCERTCC / LogonTracer
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆2,728Updated 4 months ago
• philhagen / sof-elk
  Configuration files for the SOF-ELK VM
  ☆1,493Updated this week
• OTRF / OSSEM
  Open Source Security Events Metadata (OSSEM)
  ☆1,238Updated last year
• ThreatHuntingProject / ThreatHunting
  An informational repo about hunting for adversaries in your IT environment.
  ☆1,716Updated 2 years ago
• mitre-attack / car
  Cyber Analytics Repository
  ☆905Updated 7 months ago
• InQuest / awesome-yara
  A curated list of awesome YARA rules, tools, and people.
  ☆3,546Updated 2 months ago
• StamusNetworks / SELKS
  A Suricata based IDS/IPS/NSM distro
  ☆1,476Updated 2 months ago
• Neo23x0 / Loki
  Loki - Simple IOC and YARA Scanner
  ☆3,395Updated last week
• Security-Onion-Solutions / securityonion
  Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own in…
  ☆3,249Updated this week
• OTRF / ThreatHunter-Playbook
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,018Updated 8 months ago
• Neo23x0 / yarGen
  yarGen is a generator for YARA rules
  ☆1,552Updated 5 months ago
• idaholab / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆358Updated this week
• alphasoc / flightsim
  A utility to safely generate malicious network traffic patterns and evaluate controls.
  ☆1,256Updated 7 months ago
• InQuest / ThreatIngestor
  Extract and aggregate threat intelligence.
  ☆830Updated 9 months ago
• outflanknl / RedELK
  Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o…
  ☆2,381Updated last month
• yampelo / beagle
  Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
  ☆1,271Updated last year
• TheHive-Project / TheHive
  TheHive: a Scalable, Open Source and Free Security Incident Response Platform
  ☆3,435Updated last year
• HASecuritySolutions / VulnWhisperer
  Create actionable data from your Vulnerability Scans
  ☆1,356Updated last year
• sans-blue-team / DeepBlueCLI
  ☆2,185Updated last year