dizhaung's repositories
amaroq
Puma Security's Amaroq is a vulnerability aggregation, orchestration, and correlation engine for network and product security tools.
async-profiler
Sampling CPU and HEAP profiler for Java featuring AsyncGetCallTrace + perf_events
catalyst
Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes
cmon
NIST Information Security Continuous Monitoring (ISCM) and configuration baseline data collector
concord
Concord - workflow orchestration and continuous deployment management
content
Security automation content in SCAP, Bash, Ansible, and other formats
crowflag
Parses Nmap's XML results and correlates them with NVD's CPE data to search for CVEs.
Drain3
Drain log template miner in Python3
elastalert-server
ElastAlert that exposes REST APIs for manipulating rules and alerts
elastalert2
ElastAlert 2 is a continuation of the original yelp/elastalert project. Pull requests are appreciated!
Elkeid-HUB
Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the community edition) data processing. The original intention is to solve complex data/event processing and external system linkage requirements through standardized rules.
esProc
esProc SPL is a scripting language for data processing, with well-designed rich library functions and powerful syntax, which can be executed in a Java program through the JDBC interface and can also compute independently.
FingerprintHub
Fingerprint library for ObserverWard
go-mysql
a powerful mysql toolset with Go
ICS-Hacking
This repository is focused on cybersecurity in the industrial world. Many industrial communication protocols and pieces of equipment are investigated and pentested
insightconnect-plugins
Plugin source code for the InsightConnect SOAR product, developer documentation at https://docs.rapid7.com/insightconnect/getting-started
insightconnect-workflows
Community workflows for the InsightConnect SOAR product
MISP-tools
Import CrowdStrike Threat Intelligence into your instance of MISP
modbus-tk
Create Modbus app easily with Python
pmacct
pmacct is a small set of multi-purpose passive network monitoring tools [NetFlow IPFIX sFlow libpcap BGP BMP RPKI IGP Streaming Telemetry].
praeco
Elasticsearch alerting made simple.
project-killchain
Welcome to Project KillChain, a comprehensive GitHub repository for Red and Blue Teams. This repository houses tools, scripts, techniques, and Indicators of Compromise (IOCs) aiding in cybersecurity operations. It facilitates penetration testing, incident response, digital forensics, and threat hunting.
resilient-community-apps
Source code for IBM SOAR Apps that are available on our App Exchange
resilient-python-api
Python Library for the IBM SOAR REST API, a Python SDK for developing Apps for IBM SOAR and more...
universal-connectors
A collection of Universal connector plug-ins for IBM Guardium Data Protection and IBM Guardium Insights. A universal connector allows Guardium customers to digest data activity events from various data sources and to quickly develop such a plug-in, if required.
velociraptor
Digging Deeper....
yeti
Your Everyday Threat Intelligence