dogoncouch / logdissect

Related projects: ⓘ

• PUNCH-Cyber / stoq
  An open source framework for enterprise level automated analysis.
  ☆393Updated 2 years ago
• veeral-patel / incidents
  Please use https://github.com/veeral-patel/true-positive instead
  ☆65Updated last year
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆255Updated last year
• EmersonElectricCo / boomerang
  A tool designed for consistent and safe capture of off network web resources.
  ☆35Updated 7 years ago
• keithjjones / fileintel
  A modular Python application to pull intelligence about malicious files
  ☆117Updated 3 years ago
• EmersonElectricCo / fsf
  File Scanning Framework
  ☆285Updated 3 years ago
• target / huntlib
  A Python library to help with some common threat hunting data analysis operations
  ☆138Updated last year
• google / GiftStick
  1-Click push forensics evidence to the cloud
  ☆137Updated 2 months ago
• mvelazc0 / Oriana
  Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…
  ☆175Updated 3 years ago
• Soinull / assimilate
  Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers
  ☆90Updated 6 years ago
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆76Updated 3 years ago
• kamushadenes / cefevent
  ArcSight's Common Event Format library
  ☆36Updated 10 months ago
• TheHive-Project / Hippocampe
  Threat Feed Aggregation, Made Easy
  ☆166Updated 4 years ago
• GreyNoise-Intelligence / pygreynoise
  Python3 library and command line for GreyNoise
  ☆149Updated this week
• MISP / misp-dashboard
  A live dashboard for a real-time overview of threat intelligence from MISP instances
  ☆192Updated last year
• mandiant / GeoLogonalyzer
  GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.
  ☆195Updated last month
• ThreatHuntingProject / hunter
  A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.
  ☆234Updated 3 years ago
• orlikoski / CDQR
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆332Updated 2 years ago
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆181Updated last year
• ralphje / imagemounter
  Command line utility and Python package to ease the (un)mounting of forensic disk images
  ☆116Updated last year
• DomainTools / python_api
  DomainTools Official Python API
  ☆79Updated this week
• PUNCH-Cyber / stoq-plugins-public
  stoQ Public Plugins
  ☆71Updated last year
• securityclippy / elasticintel
  Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.
  ☆139Updated last year
• MISP / docker-misp
  Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
  ☆104Updated 8 months ago
• sublime-security / static-files
  A collection of static files maintained by the Sublime team, primarily used for phishing defense.
  ☆84Updated last week
• brianwarehime / threatnote
  ☆139Updated this week
• opensourcesec / Forager
  Multithreaded threat Intelligence gathering built with Python3
  ☆168Updated 6 years ago
• theflakes / Ultimate-Forensics-VM
  Evolving directions on building the best Open Source Forensics VM
  ☆160Updated 6 years ago
• sonofagl1tch / OSHardening
  This repo contains all of my OS hardening scripts
  ☆68Updated 6 years ago
• paragbaxi / qualysapi
  Qualys API connector.
  ☆103Updated last month