Alternatives and similar repositories for Threat_Hunting_with_ELK

Users that are interested in Threat_Hunting_with_ELK are comparing it to the libraries listed below

• LennyLeng / SOC_Sankey_Generator
  ☆57Updated 5 years ago
• Qianlitp / WatchAD-Web
  A simple web platform for WatchAD
  ☆110Updated 2 years ago
• Kutim / docker-security
  docker 安全基线规范
  ☆90Updated 7 years ago
• n4ll3ec / ThreatHound
  ThreatHound is a threat intelligence query tool use for detecting potentially malicious IP or domains. It combines the MISP open source t…
  ☆40Updated 6 years ago
• grayddq / PublicSecScan
  针对大量WEB资产进行分布式WEB安全扫描，发现web环境下常规的一些安全漏洞
  ☆100Updated 6 years ago
• sdlchina / sdlchina-web
  SDL China
  ☆33Updated 7 years ago
• se55i0n / Awvs_Nessus_Scanner_API
  扫描器Awvs 11和Nessus 7 Api利用脚本
  ☆112Updated 7 years ago
• RASSec / yandi-scanner
  Network Security Vulnerability Scanner
  ☆115Updated 2 years ago
• SkyBlueEternal / Machine-Learning-Bayesian-Algorithm-Packet-Inspection-webshell-discover
  机器学习流量检测webshell-基于深度包检测技术和贝叶斯算法的webshell检查程序
  ☆57Updated 6 years ago
• NewBee119 / check_ip
  check_IP is to judge whether a IP is malicious based on open threat intelligence，基于开源威胁情报AlienVault，排查IP地址及域名的恶意性
  ☆53Updated 7 years ago
• grayddq / PassiveDataSorting
  自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统，本系统属于数据处理部分，抓取流量镜像的数据，进行分析过滤去重等操作，发送至消息队列中，等待PassiveSecCheck消费
  ☆34Updated 8 years ago
• RASSec / A_Scan_Framework
  Network Security Vulnerability Manage
  ☆130Updated 2 years ago
• pythonran / Pcap_tools
  网络流量可配置嗅探，流量包解析，漏洞规则扫描
  ☆84Updated 3 years ago
• phantom0301 / VulCloud
  A Simple Web-UI for Vulhub (Docker) / 便捷的漏洞镜像管理部署Web应用
  ☆115Updated 6 years ago
• grayddq / HIDS
  HIDS全称是Host-based Intrusion Detection System，即基于主机型入侵检测系统，HIDS运行依赖这样一个原理：一个成功的入侵者一般而言都会留下他们入侵的痕迹。本人更倾向于通过记录主机的重要信息变更来发现入侵者。 本项目由两部分组成：一部分…
  ☆106Updated 7 years ago
• cahi1l1yn / aclAuditor
  Audit your acl of network device
  ☆34Updated 5 years ago
• XiaoXiaoGuaiXiaShi / OpenSource-HoneyPot
  对开源蜜罐的学习研究与理解
  ☆55Updated 4 years ago
• MisakiKata / watchfile
  基于inotify的Linux文件实时监控程序，同时调用河马扫描来检测文件
  ☆22Updated 5 years ago
• momosecurity / cornerstone
  Linux命令转发记录
  ☆63Updated 6 years ago
• hi-WenR0 / MLCheckWebshell
  ☆106Updated 7 years ago
• imiyoo2010 / teye_scanner_for_book
  《白帽子讲Web扫描》书籍参考代码
  ☆103Updated 3 years ago
• lis912 / CapOS
  等级保护测评windows工具源码
  ☆69Updated 6 years ago
• h7hac9 / ThreatCollector
  威胁情报采集系统
  ☆33Updated 3 years ago
• Lee-0x00 / sec-awvs-agent
  High Concurrency of Awvs Scan Agent By AWVS HTTP API
  ☆42Updated 8 years ago
• zhanghaoyil / seesaw
  Automatic reversed shell detecting and defensing
  ☆52Updated 7 years ago
• ysrc / shelldaddy
  跨平台 webshell 静态扫描器
  ☆34Updated 7 years ago
• Gin-Cy / bugeditor
  bugeditor
  ☆41Updated 7 years ago
• b0bac / SecurityTools
  日常积累的安全工具与代码、脚本
  ☆45Updated 2 weeks ago
• netxfly / docker-remote-api-exp
  docker remote api未授权访问的利用代码
  ☆50Updated 8 years ago
• phantom0301 / PTEye
  Phantom eye——A passive business logic vulnerability auditing tool
  ☆55Updated 6 years ago