kunai-project / kunai

Related projects: ⓘ

• jatrost / awesome-detection-rules
  This is a collection of threat detection rules / rules engines that I have come across.
  ☆270Updated 4 months ago
• k1nd0ne / VolWeb
  A centralized and enhanced memory analysis platform
  ☆355Updated 2 weeks ago
• dfir-dd / dfir-toolkit
  CLI tools for forensic investigation of Windows artifacts
  ☆296Updated last month
• aquasecurity / traceeshark
  Deep Linux runtime visibility meets Wireshark
  ☆182Updated last week
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆154Updated this week
• activecm / rita
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆145Updated last week
• cado-security / varc
  Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…
  ☆248Updated 11 months ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆77Updated last month
• cr0nx / awesome-linux-attack-forensics-purplelabs
  This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
  ☆121Updated last year
• SigmaHQ / pySigma
  Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
  ☆382Updated this week
• BushidoUK / Breach-Report-Collection
  A collection of companies that disclose adversary TTPs after they have been breached
  ☆236Updated 4 months ago
• M00NLIG7 / ChopChopGo
  Rapidly Search and Hunt through Linux Forensics Artifacts
  ☆174Updated 8 months ago
• Nirusu / how-to-setup-a-honeypot
  How to setup a honeypot with an IDS, ELK and TLS traffic inspection
  ☆150Updated 2 years ago
• 0x4D31 / detection-and-response-pipeline
  ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …
  ☆246Updated 7 months ago
• MISP / misp-playbooks
  MISP Playbooks
  ☆167Updated last month
• mitre / caldera-ot
  MITRE Caldera™ for OT Plugins & Capabilities
  ☆185Updated 8 months ago
• vm32 / Linux-Incident-Response
  practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response
  ☆356Updated 8 months ago
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆97Updated 2 months ago
• mthcht / ThreatHunting-Keywords
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆436Updated 2 weeks ago
• volexity / threat-intel
  Signatures and IoCs from public Volexity blog posts.
  ☆307Updated last month
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆130Updated last month
• FoxIO-LLC / LogSlash
  A standard for reducing log volume without sacrificing analytical capability
  ☆182Updated last year
• VirusTotal / yara-x
  A rewrite of YARA in Rust.
  ☆622Updated this week
• vm32 / Digital-Forensics-Script-for-Linux
  Advanced Bash script designed for conducting digital forensics on Linux systems
  ☆130Updated 5 months ago
• sublime-security / sublime-platform
  A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…
  ☆160Updated 3 weeks ago
• unknownhad / CloudIntel
  This repo contains IOC, malware and malware analysis associated with Public cloud
  ☆241Updated this week
• srlabs / Certiception
  An ADCS honeypot to catch attackers in your internal network.
  ☆182Updated 2 months ago
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆159Updated 5 months ago
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆186Updated last month
• claroty / arya
  Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.
  ☆238Updated last year