thomaspatzke / Log4Pot

Related projects ⓘ

Alternatives and complementary repositories for Log4Pot

• carbonblack / active_c2_ioc_public
  Active C2 IoCs
  ☆96Updated last year
• splunk / melting-cobalt
  A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
  ☆164Updated 2 years ago
• cedowens / C2-JARM
  A list of JARM hashes for different ssl implementations used by some C2/red team tools.
  ☆135Updated last year
• Ben0xA / HoneyCreds
  HoneyCreds network credential injection to detect responder and other network poisoners.
  ☆214Updated 3 years ago
• mvelazc0 / attack2jira
  attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
  ☆111Updated last year
• NextronSystems / valhallaAPI
  Valhalla API Client
  ☆63Updated last year
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆65Updated 2 years ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆57Updated 2 years ago
• malienist / lupo
  Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation
  ☆104Updated 2 years ago
• mandiant / goauditparser
  ☆43Updated last year
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• NVISOsecurity / nviso-cti
  ☆41Updated 7 months ago
• theflakes / reg_hunter
  Blueteam operational triage registry hunting/forensic tool.
  ☆142Updated last year
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆80Updated 2 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆77Updated 2 years ago
• jwillyamz / ezEmu
  See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
  ☆102Updated last year
• shabarkin / pointer
  Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.
  ☆65Updated 2 years ago
• olafhartong / Presentations
  My conference presentations
  ☆66Updated last year
• CrowdStrike / xwf-yara-scanner
  ☆84Updated 8 months ago
• hpthreatresearch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆144Updated last year
• alex-cart / LEAF
  Linux Evidence Acquisition Framework
  ☆113Updated last month
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 2 years ago
• 3CORESec / S2AN
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆84Updated last year
• lp-db / lp-db
  Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...).
  ☆38Updated last year
• zerofox-oss / phishpond
  Because phishtank was taken.. explore phishing kits in a contained environment!
  ☆43Updated 2 years ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆65Updated last week
• curated-intel / Initial-Access-Broker-Landscape
  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
  ☆107Updated 3 years ago
• ninoseki / uzen
  Website crawler with YARA detection
  ☆88Updated last year
• bonjourmalware / melody
  Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…
  ☆138Updated 3 years ago
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆53Updated 3 years ago