There are 9 repositories under the threat-analysis topic.
Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
All-in-One malware analysis tool.
Extract and aggregate threat intelligence.
Advanced Sysmon ATT&CK configuration focused on detecting the most techniques per data source in MITRE ATT&CK, providing visibility into forensic artifact events for UEBA, detecting exploitation events with wide CVE coverage, and risk-scoring CVE, UEBA, forensic and MITRE ATT&CK events.
Notes from learning security operations | The knowledge base of security operations
Collection of Threat Models
A powerful and user-friendly browser extension that streamlines investigations for security professionals.
Don't Just Search OSINT. Sweep It.
Find phishing kits which use your brand/organization's files and image.
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
🚀 This is a collection of hacking🔥 and pentesting 🧐 scripts: automated scripts for enumeration, OSINT, exploitation and post-exploitation to make hacking easier🌠. Have fun!😎
A toolkit for Security Researchers
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
The Threat Actor Profile Guide for CTI Analysts
Extracting Attack Behavior from Threat Reports
Curating Falco rules with MITRE ATT&CK Matrix
Download pcap files from http://www.malware-traffic-analysis.net/
Hide an IP address in scripts using hex/decimal/octal conversions
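The trick behind this kind of tool is that `inet_aton()` and most URL parsers accept more than dotted-quad notation: a single 32-bit integer in decimal, hex or octal, or a mix of per-octet radixes, all resolve to the same host. The example below is added here and is not code from the repository listed above; it implements the conversions in the inet_aton style (the names `obfuscate`, `normalize` and `is_blocked` are mine) so that a defender can see why a string-compare blocklist misses these forms and how normalizing first fixes it.

```python
import ipaddress
import re

def obfuscate(ip: str) -> dict:
    """Return the alternate notations inet_aton-style parsers accept for a dotted-quad IPv4."""
    n = int(ipaddress.IPv4Address(ip))          # 32-bit integer value of the address
    octets = [int(o) for o in ip.split(".")]
    return {
        "decimal": str(n),                                    # 2130706433
        "hex": f"0x{n:08x}",                                  # 0x7f000001
        "octal": "0" + format(n, "o"),                        # 017700000001
        "dotted_hex": ".".join(f"0x{o:02x}" for o in octets), # 0x7f.0x00.0x00.0x01
        "dotted_octal": ".".join(f"0{o:o}" for o in octets),  # 0177.00.00.01
    }

def _parse_component(s: str) -> int:
    """Parse one component with C-literal rules: 0x.. hex, leading 0 octal, else decimal."""
    if re.fullmatch(r"0[xX][0-9a-fA-F]+", s):
        return int(s[2:], 16)
    if re.fullmatch(r"0[0-7]*", s):
        return int(s, 8)
    if re.fullmatch(r"[1-9][0-9]*", s):
        return int(s, 10)
    raise ValueError(f"not a numeric IPv4 component: {s!r}")

def normalize(host: str) -> str:
    """Canonicalize any inet_aton-accepted form (a, a.b, a.b.c, a.b.c.d) to dotted quad.
    ipaddress.IPv4Address(str) is deliberately strict and rejects these forms, which is
    why the component rules are reimplemented here."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        raise ValueError("too many components")
    vals = [_parse_component(p) for p in parts]
    # All components but the last are single bytes; the last one fills the remaining bytes.
    for v in vals[:-1]:
        if v > 0xFF:
            raise ValueError("leading component exceeds one byte")
    last_width = 4 - (len(vals) - 1)
    if vals[-1] >= 1 << (8 * last_width):
        raise ValueError("trailing component too large")
    n = 0
    for v in vals[:-1]:
        n = (n << 8) | v
    n = (n << (8 * last_width)) | vals[-1]
    return str(ipaddress.IPv4Address(n))

def is_blocked(host: str, blocklist: set) -> bool:
    """Blocklist check that compares the canonical address, not the raw string."""
    try:
        return normalize(host) in blocklist
    except ValueError:
        return False   # not an IPv4 literal; hostname handling is out of scope here

if __name__ == "__main__":
    # Constructed sample: every form below should collapse to the same address.
    for form, value in obfuscate("127.0.0.1").items():
        print(f"{form:13} {value:22} -> {normalize(value)}")
    print(is_blocked("0x7f000001", {"127.0.0.1"}))   # blocked only because we normalize
```

Note that `normalize()` also accepts the shortened forms `127.1` and `192.168.1`, which is exactly what `inet_aton()` does; a raw string match against `127.0.0.1` would pass all of them through.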
Intelligent threat hunter and phishing servers
Collection of Suricata rule sets that I use modified to my environments.
Projects, notes, and write-ups I have done while completing the Google Cybersecurity Certificate
Quick SOC L1 ticket structure
Process Hollowing demonstration & explanation
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Detection & Hunting.
Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
USB threat evaluation framework for Linux
Looks up details on a public IPv4 address against ip-info and blacklist-search sites, providing a reputation check.
MISP decaying models
An SSH honeypot written entirely in Go.