kazuminn / vulsbeat

Related projects: ⓘ

• botherder / go-autoruns
  Collect autorun records from running system
  ☆59Updated 2 years ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 3 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• Benster900 / BlogProjects
  Various blog post projects.
  ☆10Updated 2 months ago
• jheise / yarascanner
  Golang based web service to scan files with yara rules
  ☆26Updated 7 years ago
• sandflysecurity / sandfly-file-decloak
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆21Updated last year
• weslambert / securityonion-strelka
  ☆12Updated 4 years ago
• c2defense / windows-event-collection
  Subscriptions to collect Windows Event Logs mapped to the MITRE ATT&CK model
  ☆12Updated 3 years ago
• malice-plugins / get-mauled
  Download a Bunch of Malware for Demos and Testing
  ☆13Updated 5 years ago
• theparanoids / spicy-noise
  A Spicy protocol analyzer for WireGuard
  ☆27Updated 4 years ago
• Recruit-CSIRT / macOSTriageTool
  A DFIR tool to collect artifacts on macOS
  ☆53Updated 4 years ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆17Updated 4 years ago
• CptOfEvilMinions / ThreatHuntingEQLandBro
  Threat hunting with EQL and Bro. This repo contains modifications to EQL and EQLLib to use BRO logs.
  ☆8Updated 5 years ago
• cugu / ac
  ☆16Updated this week
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 5 years ago
• NextronSystems / simplesyslog
  Simple SYSLOG client in Go
  ☆21Updated 3 months ago
• Benster900 / ThreatWaffle
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆28Updated 6 years ago
• wolfvan / YaraRET
  Carving tool based in Radare2 & Yara
  ☆16Updated 5 years ago
• CyberSift / OSQUERY-PACKS
  Osquery Packs we use for customer security hardening
  ☆12Updated 6 months ago
• TITO-Threat-Intel / TITO-Framework
  TITO is a light framework for operationalizing threat intelligence that is platform and data agnostic.
  ☆20Updated 4 years ago
• corelight / zeek-quic
  Bro analyzer that detects Google's QUIC protocol
  ☆10Updated 3 years ago
• cudeso / misp-training-environment
  Setting up a training environment for MISP
  ☆11Updated last year
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆34Updated 5 years ago
• dirtyfilthy / siem-from-scratch
  SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab
  ☆37Updated 4 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆15Updated 3 years ago
• telekom-security / acquire-aws-ec2
  A python script to acquire multiple aws ec2 instances in a forensically sound-ish way
  ☆37Updated 2 years ago
• michalpurzynski / suricata-rules
  Example Suricata rules implementing some of my detection tactics
  ☆20Updated last year
• OTRF / openhunt
  ☆33Updated 3 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• abhinavbom / clara
  Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets
  ☆31Updated 3 months ago