threat-analysis

There are 9 repositories under threat-analysis topic.

• MISP / MISP

  MISP (core software) - Open Source Threat Intelligence and Sharing Platform

  mispthreat-sharingthreat-huntingthreatintelmalware-analysisstixinformation-exchangefraud-managementsecuritycticybersecurityfraud-detectionfraud-preventionthreat-analysisinformation-securityinformation-sharingthreat-intelligencethreat-intelligence-platformintelligencethreat-intel
  Language:PHP 4976

• cowrie / cowrie

  Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

  cowriehoneypotsshtelnetsecuritykippocowrie-sshtelnet-honeypotsftpscpattackerthreat-analysisthreat-sharingthreatinteldecoydeception
  Language:Python 4908
• ThreatMapper

  deepfence / ThreatMapper

  Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

  cloud-nativevulnerability-managementthreat-analysisdevsecopssecopsregistry-scanningsecurity-toolscwppobservabilitycloudsecurityvulnerability-scannersvulnerability-detectionscanning-toolcnappcompliancecontainerscspmdevopskuberneteshacktoberfest
  Language:TypeScript 4631

• CYB3RMX / Qu1cksc0pe

  All-in-One malware analysis tool.

  linuxmalware-analysispython3static-analysisvirustotalsecurity-toolstermuxelfexewindowspackersuspicious-filesmalwarethreat-analysisapkosxstringsantivirusransomwareall-in-one
  Language:YARA 1110

• InQuest / ThreatIngestor

  Extract and aggregate threat intelligence.

  iocindicators-of-compromisethreatintelthreat-intelligenceosintdfirmalware-researchsecurity-toolsthreat-sharingthreat-feedsthreat-huntingmispfraud-detectionthreat-analysisintelligence-gatheringthreat-intelligence-platformyarasoar
  Language:Python 781

• ion-storm / sysmon-config

  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

  sysmonthreatintelthreat-huntingnetsecsysinternalslogginggrayloggraylog-plugindfirthreat-intelligencethreat-sharingthreat-analysismitre-attackdigitalforensicsforensic-analysisforensicartifactsforensicssiemsigma-ruleshumio
  Language:PowerShell 749

• satan1a / TheRoadOfSO

  学习安全运营的记录 | The knowledge base of security operation

  security-operationscybersecuritysecurity-analysisthreat-analysissecurity-operationsocwikiknowledge-base
  Language:HTML 617

• TalEliyahu / Threat_Model_Examples

  Collection of Threat Models

  risk-assessmentthreatthreat-analysisthreat-modeling
  338

• zdhenard42 / SOC-Multitool

  A powerful and user-friendly browser extension that streamlines investigations for security professionals.

  browser-extensionchrome-extensioncybersecuritythreat-analysisthreat-huntingthreat-intelligence
  Language:JavaScript 309

• ecstatic-nobel / OSweep

  Don't Just Search OSINT. Sweep It.

  osintsplunkcybersecuritypythonthreat-intelligencethreat-huntingthreat-analysismalware-analysispivotingcertificate-transparencycybercrimeransomwarescannersthreatcrowdurlhausurlscan-io
  Language:Python 300

• t4d / PhishingKitHunter

  Find phishing kits which use your brand/organization's files and image.

  phishing-sitesthreat-huntingfraud-detectionfraud-preventionphishing-attacksthreat-intelligencesecuritythreat-analysisphishing
  Language:Python 222

• Graylog2 / graylog-plugin-threatintel

  Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases

  graylogthreatotxwhois-informationabusegraylog-pluginthreatintelthreat-scorethreat-analysisspamhauswhoiswhois-lookup
  Language:Java 145

• jackaduma / SecBERT

  pretrained BERT model for cyber security text, learned CyberSecurity Knowledge

  aptattentionbertbert-embeddingscyber-securitycyber-threat-intelligencecybersecuritydeep-learning-securitydeeplearningmachine-learning-securitynlpnlp-machine-learningsecuritysecurity-automationthreat-analysisthreat-detectionthreat-huntingthreat-intelligencetransformer-encodertransformers
  Language:Python 135

• alvin-tosh / Infosec-and-Hacking-Scripts

  🚀 This is a collection of hacking🔥 and pentesting 🧐 scripts to help with enumeration, OSINT, exploitation and post exploitation automated scripts to make hacking easier🌠. Have fun!😎

  automationbashbrute-forcecybersecurityexploitshackinghacking-toolhashinfosecosint-resourcespythonthreat-analysisthreat-huntingthreat-intelligencewebhackingpenetration-testingpentestingraspberry-pisecurityusb-rubber-ducky
  Language:Python 131

• ecstatic-nobel / Analyst-Arsenal

  A toolkit for Security Researchers

  osintcybersecuritypythonthreat-intelligencethreat-huntingthreat-analysismalware-analysiscertificate-transparencyscannerthreat-detectioncertstreamwebshellopendirdefacedinfosec
  Language:Python 124

• 401trg / detections

  This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.

  401trgprotectwiseiocindicatorsindicators-of-compromisethreat-huntingthreat-analysisverizon
  Language:Python 121

• CERTCC / Vulnerability-Data-Archive

  With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

  vulnerability-datavulnerabilityvulnerability-notescertvulnerability-reportthreat-intelligencethreatintelthreat-analysisthreatcve
  83

• curated-intel / Threat-Actor-Profile-Guide

  The Threat Actor Profile Guide for CTI Analysts

  ctiintelligence-analysisresourcesthreat-actorsthreat-analysisthreat-intelligencethreatintel
  83

• jackaduma / ThreatReportExtractor

  Extracting Attack Behavior from Threat Reports

  nlpsecuritythreat-intelligencethreat-analysiscybersecuritycyber-threat-intelligenceadvanced-persistent-threatdeep-learningmachine-learningmachine-learning-algorithmsdeeplearningnlp-machine-learningnlp-parsingnatural-language-processinggraph-algorithmsgraph
  Language:Python 73

• CloudDefenseAI / falco_extended_rules

  Curating Falco rules with MITRE ATT&CK Matrix

  cloudsecuritydevopsdevsecopskuberentessecuritycnappcspmsecurity-toolsthreat-analysisvulnerability-detectionvulnerability-scannersfalcomalwarethreatthreat-modelingcontainer-securitykubernetes-securitymalware-analysisworkload-securityzero-day
  Language:Python 70

• tatsuiman / malware-traffic-analysis.net

  Download pcap files from http://www.malware-traffic-analysis.net/

  pcappcap-filesthreat-analysissamples
  68

• bobby-tablez / IP-Obfuscator

  Hide an IP address in scripts using hex/decimal/octal conversions

  antivirus-evasionipmalwareobfuscationpowershellthreat-analysis
  Language:PowerShell 54

• jh00nbr / Phishruffus

  Intelligent threat hunter and phishing servers

  phishingphishing-serverspythonthreat-intelligencethreat-analysis
  Language:Python 45

• Truvis / Suricata_Threat-Hunting-Rules

  Collection of Suricata rule sets that I use modified to my environments.

  suricatasuricata-rulessuricata-rulesnortsnort-rulessnort-rules-generatesnort3securitythreat-intelligencethreat-huntingthreat-detectionthreat-analysisthreat-responsethreat-monitorthreat-intelthreat-gridnetwork-securitynetwork-monitoringnetwork-analysissecurity-awareness
  36

• ethansilvas / google-cybersecurity

  Projects, notes, and write-ups I have done while completing the Google Cybersecurity Certificate

  cybersecuritylinuxpythonrisk-managementsqlthreat-analysis
  Language:Jupyter Notebook 32

• danieleperera / SocAnalystArsenal

  Quick SOC L1 ticket structure

  threatintelthreat-intelligencethreat-analysiscybersecuritycybersecurity-incidentsanalystsanalyst-reportsticket
  Language:Python 31

• AzAgarampur / PsForge

  Process Hollowing demonstration & explanation

  anti-detectionmalwarethreat-analysistrojan-malwarewindows
  Language:C++ 28

• paulveillard / cybersecurity-threat-detection

  An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Detection & Hunting.

  threat-huntingthreat-intelligencethreat-modelingthreat-responsethreat-detectioncybersecuritysecurity-toolssecurity-vulnerabilitymalware-analysismalware-detectionmalware-developmentencryption-decryptionthreat-analysisthreat-blockerthreat-detection-policythreat-explorerthreat-monitor
  27

• security-union / going-fishing-with-my-raspberry-pi

  raspberry-pipaperinteraction-sshattackerthreat-analysishoneypothoney-pot
  23

• 401trg / utilities

  This repository contains tools used by 401trg.

  401trgprotectwisethreat-huntingthreat-analysistoolsutilitiesverizon
  Language:Python 18

• trickest / packages

  Automated compromise detection of the world's most popular packages

  compromise-detectioninfosecpackagepackagespenetration-testingpentestingpython-packagespython-securitysecuritysoftware-securitythreat-analysisthreat-huntingthreat-intelligence
  16
• TheWatchList

  SCS-Labs / TheWatchList

  Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.

  threatviewthreat-intelligencethreatintelthreatintelligencethreat-sharingthreatthreat-huntingthreat-analysisthreat-responsethreat-detectioncyber-threat-coalitionlists
  13

• Heimdall-Framework / heimdall-framework

  USB threat evaluation framework for Linux

  securityusbcybersecuritythreat-analysisrpipythonlinux
  Language:Python 11

• xakepnz / STRIKEWRITER

  Looks up details on a public IPV4 address against ip-info and blacklist-search sites. Providing a reputation check.

  python-badipreputationthreat-analysisthreatintelthreat-intelligencereputation-apibadipblueteamsecurity-toolssecurityiplookuposint-pythonosintpython3
  Language:Python 11

• MISP / misp-decaying-models

  MISP decaying models

  mispnetwork-securitythreat-intelligencethreatinteldfirthreat-analysis
  Language:Shell 10

• wisepythagoras / honeyshell

  An SSH honeypot written entirely in Go.

  gogolangsshssh-serverssh-honeypothoneypothoneypotsinfoseccybersecuritycyber-securityinformation-securitythreatintelthreat-intelligencethreat-huntingthreat-sharingthreat-analysisthreat-detectionthreat-intel
  Language:Go 8