Alternatives and similar repositories for Threat_Hunting_with_ELK:

Users that are interested in Threat_Hunting_with_ELK are comparing it to the libraries listed below

• LennyLeng / SOC_Sankey_Generator
  ☆56Updated 4 years ago
• Kutim / docker-security
  docker 安全基线规范
  ☆90Updated 6 years ago
• se55i0n / Awvs_Nessus_Scanner_API
  扫描器Awvs 11和Nessus 7 Api利用脚本
  ☆113Updated 7 years ago
• grayddq / PublicSecScan
  针对大量WEB资产进行分布式WEB安全扫描，发现web环境下常规的一些安全漏洞
  ☆100Updated 5 years ago
• sdlchina / sdlchina-web
  SDL China
  ☆33Updated 6 years ago
• cahi1l1yn / aclAuditor
  Audit your acl of network device
  ☆34Updated 4 years ago
• pythonran / Pcap_tools
  网络流量可配置嗅探，流量包解析，漏洞规则扫描
  ☆83Updated 2 years ago
• XiaoXiaoGuaiXiaShi / OpenSource-HoneyPot
  对开源蜜罐的学习研究与理解
  ☆55Updated 4 years ago
• grayddq / HIDS
  HIDS全称是Host-based Intrusion Detection System，即基于主机型入侵检测系统，HIDS运行依赖这样一个原理：一个成功的入侵者一般而言都会留下他们入侵的痕迹。本人更倾向于通过记录主机的重要信息变更来发现入侵者。 本项目由两部分组成：一部分…
  ☆103Updated 7 years ago
• Qianlitp / WatchAD-Web
  A simple web platform for WatchAD
  ☆110Updated last year
• h7hac9 / ThreatCollector
  威胁情报采集系统
  ☆32Updated 2 years ago
• hi-WenR0 / MLCheckWebshell
  ☆105Updated 7 years ago
• MisakiKata / watchfile
  基于inotify的Linux文件实时监控程序，同时调用河马扫描来检测文件
  ☆22Updated 4 years ago
• Wuy1f4n / Sec-Tools-List
  渗透测试中的一些开源工具按照Att&ck 流程进行归类
  ☆76Updated 5 years ago
• grayddq / PubilcAssetInfo
  以甲方安全人员的视角，尽可能收集发现企业的域名和服务器公网IP资产
  ☆65Updated 7 years ago
• SkyBlueEternal / Machine-Learning-Bayesian-Algorithm-Packet-Inspection-webshell-discover
  机器学习流量检测webshell-基于深度包检测技术和贝叶斯算法的webshell检查程序
  ☆57Updated 5 years ago
• aedoo / Allscanner
  数据库和其他服务的弱端口的弱口令检测以及未授权访问的集成检测工具。 Weak password blasting of weak ports and integrated detection tools for unauthorized access.
  ☆132Updated 5 years ago
• zj1244 / beholder_scanner
  一款监控端口变化的系统——beholder_scanner端
  ☆83Updated 7 months ago
• netxfly / docker-remote-api-exp
  docker remote api未授权访问的利用代码
  ☆50Updated 8 years ago
• RASSec / yandi-scanner
  Network Security Vulnerability Scanner
  ☆115Updated last year
• lis912 / CapOS
  等级保护测评windows工具源码
  ☆68Updated 5 years ago
• phantom0301 / VulCloud
  A Simple Web-UI for Vulhub (Docker) / 便捷的漏洞镜像管理部署Web应用
  ☆115Updated 6 years ago
• NewBee119 / check_ip
  check_IP is to judge whether a IP is malicious based on open threat intelligence，基于开源威胁情报AlienVault，排查IP地址及域名的恶意性
  ☆51Updated 6 years ago
• ucstone / Nessus-Tranlator
  ☆25Updated 4 years ago
• grayddq / PassiveDataSorting
  自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统，本系统属于数据处理部分，抓取流量镜像的数据，进行分析过滤去重等操作，发送至消息队列中，等待PassiveSecCheck消费
  ☆35Updated 7 years ago
• OneChoose / setting
  学习炸七炸八
  ☆31Updated 5 years ago
• chiww / PMon
  ☆36Updated 4 years ago
• seecode-audit / seecode-scanner
  SeeCode Scanner 扫描引擎
  ☆2Updated 5 years ago
• h4rdy / Acunetix11-API-Documentation
  Inofficial Acunetix11 API Documentation
  ☆178Updated 5 years ago
• davexpro / PocHunter
  一个适配器模块，用于调用市面上流行的PoC框架(Beebeeto/PocSuite/TangScan/KsPoc)下的PoC.
  ☆95Updated 7 years ago