Alternatives and similar repositories for Threat_Hunting_with_ELK:

Users that are interested in Threat_Hunting_with_ELK are comparing it to the libraries listed below

• LennyLeng / SOC_Sankey_Generator
  ☆55Updated 4 years ago
• sdlchina / sdlchina-web
  SDL China
  ☆33Updated 6 years ago
• cahi1l1yn / aclAuditor
  Audit your acl of network device
  ☆34Updated 4 years ago
• Kutim / docker-security
  docker 安全基线规范
  ☆90Updated 6 years ago
• se55i0n / Awvs_Nessus_Scanner_API
  扫描器Awvs 11和Nessus 7 Api利用脚本
  ☆113Updated 7 years ago
• h7hac9 / ThreatCollector
  威胁情报采集系统
  ☆32Updated 2 years ago
• Qianlitp / WatchAD-Web
  A simple web platform for WatchAD
  ☆111Updated last year
• grayddq / HIDS
  HIDS全称是Host-based Intrusion Detection System，即基于主机型入侵检测系统，HIDS运行依赖这样一个原理：一个成功的入侵者一般而言都会留下他们入侵的痕迹。本人更倾向于通过记录主机的重要信息变更来发现入侵者。 本项目由两部分组成：一部分…
  ☆102Updated 7 years ago
• pythonran / Pcap_tools
  网络流量可配置嗅探，流量包解析，漏洞规则扫描
  ☆83Updated 2 years ago
• grayddq / PubilcAssetInfo
  以甲方安全人员的视角，尽可能收集发现企业的域名和服务器公网IP资产
  ☆65Updated 7 years ago
• MisakiKata / watchfile
  基于inotify的Linux文件实时监控程序，同时调用河马扫描来检测文件
  ☆22Updated 4 years ago
• netxfly / docker-remote-api-exp
  docker remote api未授权访问的利用代码
  ☆50Updated 7 years ago
• NewBee119 / check_ip
  check_IP is to judge whether a IP is malicious based on open threat intelligence，基于开源威胁情报AlienVault，排查IP地址及域名的恶意性
  ☆51Updated 6 years ago
• Wuy1f4n / Sec-Tools-List
  渗透测试中的一些开源工具按照Att&ck 流程进行归类
  ☆76Updated 5 years ago
• SkyBlueEternal / Machine-Learning-Bayesian-Algorithm-Packet-Inspection-webshell-discover
  机器学习流量检测webshell-基于深度包检测技术和贝叶斯算法的webshell检查程序
  ☆57Updated 5 years ago
• aedoo / Allscanner
  数据库和其他服务的弱端口的弱口令检测以及未授权访问的集成检测工具。 Weak password blasting of weak ports and integrated detection tools for unauthorized access.
  ☆132Updated 5 years ago
• hi-WenR0 / MLCheckWebshell
  ☆105Updated 6 years ago
• grayddq / PublicSecScan
  针对大量WEB资产进行分布式WEB安全扫描，发现web环境下常规的一些安全漏洞
  ☆100Updated 5 years ago
• CAT-Team-mmc / lysec
  一个基于docker的安全培训系统
  ☆60Updated 3 years ago
• XiaoXiaoGuaiXiaShi / OpenSource-HoneyPot
  对开源蜜罐的学习研究与理解
  ☆55Updated 4 years ago
• RASSec / yandi-scanner
  Network Security Vulnerability Scanner
  ☆115Updated last year
• HackingLab / PTReporter
  中文版渗透报告生成系统-Serpico
  ☆26Updated 8 years ago
• jiangsir404 / pbscan
  基于burpsuite headless 的代理式被动扫描系统
  ☆96Updated 4 years ago
• tianyulab / Hunting_lateral_movement
  《横向移动攻击与检测技术》专栏文章
  ☆16Updated 5 years ago
• seecode-audit / seecode-scanner
  SeeCode Scanner 扫描引擎
  ☆2Updated 5 years ago
• n4ll3ec / ThreatHound
  ThreatHound is a threat intelligence query tool use for detecting potentially malicious IP or domains. It combines the MISP open source t…
  ☆39Updated 5 years ago
• phantom0301 / VulCloud
  A Simple Web-UI for Vulhub (Docker) / 便捷的漏洞镜像管理部署Web应用
  ☆115Updated 6 years ago
• AnyeDuke / AT-P-list
  攻防清单:用于整理当前收集的所有攻防相关资源
  ☆25Updated 5 years ago
• hillsbird / db_security
  数据库安全审计平台
  ☆64Updated 6 years ago
• ysrc / shelldaddy
  跨平台 webshell 静态扫描器
  ☆34Updated 7 years ago