Alternatives and similar repositories for Threat_Hunting_with_ELK:

Users that are interested in Threat_Hunting_with_ELK are comparing it to the libraries listed below

• LennyLeng / SOC_Sankey_Generator
  ☆56Updated 4 years ago
• Kutim / docker-security
  docker 安全基线规范
  ☆90Updated 6 years ago
• hi-WenR0 / MLCheckWebshell
  ☆105Updated 7 years ago
• grayddq / PublicSecScan
  针对大量WEB资产进行分布式WEB安全扫描，发现web环境下常规的一些安全漏洞
  ☆100Updated 5 years ago
• NewBee119 / check_ip
  check_IP is to judge whether a IP is malicious based on open threat intelligence，基于开源威胁情报AlienVault，排查IP地址及域名的恶意性
  ☆52Updated 6 years ago
• sdlchina / sdlchina-web
  SDL China
  ☆33Updated 6 years ago
• se55i0n / Awvs_Nessus_Scanner_API
  扫描器Awvs 11和Nessus 7 Api利用脚本
  ☆113Updated 7 years ago
• pythonran / Pcap_tools
  网络流量可配置嗅探，流量包解析，漏洞规则扫描
  ☆83Updated 2 years ago
• grayddq / HIDS
  HIDS全称是Host-based Intrusion Detection System，即基于主机型入侵检测系统，HIDS运行依赖这样一个原理：一个成功的入侵者一般而言都会留下他们入侵的痕迹。本人更倾向于通过记录主机的重要信息变更来发现入侵者。 本项目由两部分组成：一部分…
  ☆104Updated 7 years ago
• grayddq / PassiveDataSorting
  自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统，本系统属于数据处理部分，抓取流量镜像的数据，进行分析过滤去重等操作，发送至消息队列中，等待PassiveSecCheck消费
  ☆35Updated 7 years ago
• cahi1l1yn / aclAuditor
  Audit your acl of network device
  ☆34Updated 4 years ago
• phantom0301 / VulCloud
  A Simple Web-UI for Vulhub (Docker) / 便捷的漏洞镜像管理部署Web应用
  ☆115Updated 6 years ago
• MisakiKata / watchfile
  基于inotify的Linux文件实时监控程序，同时调用河马扫描来检测文件
  ☆22Updated 4 years ago
• h7hac9 / ThreatCollector
  威胁情报采集系统
  ☆32Updated 2 years ago
• SkyBlueEternal / Machine-Learning-Bayesian-Algorithm-Packet-Inspection-webshell-discover
  机器学习流量检测webshell-基于深度包检测技术和贝叶斯算法的webshell检查程序
  ☆58Updated 5 years ago
• aedoo / Allscanner
  数据库和其他服务的弱端口的弱口令检测以及未授权访问的集成检测工具。 Weak password blasting of weak ports and integrated detection tools for unauthorized access.
  ☆132Updated 5 years ago
• zhongshendoushuizhao / everydaylearn
  i`m a cat ~ find fish
  ☆92Updated 4 years ago
• n4ll3ec / ThreatHound
  ThreatHound is a threat intelligence query tool use for detecting potentially malicious IP or domains. It combines the MISP open source t…
  ☆39Updated 5 years ago
• zhanghaoyil / seesaw
  Automatic reversed shell detecting and defensing
  ☆51Updated 6 years ago
• ysrc / shelldaddy
  跨平台 webshell 静态扫描器
  ☆34Updated 7 years ago
• grayddq / PubilcAssetInfo
  以甲方安全人员的视角，尽可能收集发现企业的域名和服务器公网IP资产
  ☆65Updated 7 years ago
• imiyoo2010 / teye_scanner_for_book
  《白帽子讲Web扫描》书籍参考代码
  ☆103Updated 3 years ago
• XiaoXiaoGuaiXiaShi / OpenSource-HoneyPot
  对开源蜜罐的学习研究与理解
  ☆56Updated 4 years ago
• OneChoose / setting
  学习炸七炸八
  ☆31Updated 6 years ago
• zj1244 / beholder_scanner
  一款监控端口变化的系统——beholder_scanner端
  ☆84Updated 8 months ago
• Qianlitp / WatchAD-Web
  A simple web platform for WatchAD
  ☆110Updated last year
• G4rb3n / Script-Ganker
  恶意脚本检测分类工具
  ☆40Updated 4 years ago
• RASSec / yandi-scanner
  Network Security Vulnerability Scanner
  ☆115Updated last year
• tianyulab / Hunting_lateral_movement
  《横向移动攻击与检测技术》专栏文章
  ☆16Updated 5 years ago
• lis912 / CapOS
  等级保护测评windows工具源码
  ☆68Updated 5 years ago