threat-analysis
Here are 35 public repositories matching this topic...
Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
-
Updated
Oct 31, 2019 - 410 commits
- Batchfile
Extract and aggregate threat intelligence.
-
Updated
Nov 4, 2019 - 413 commits
- Python
Don't Just Search OSINT. Sweep It.
-
Updated
Nov 4, 2019 - 279 commits
- Python
Find phishing kits which use your brand/organization's files and images.
-
Updated
Oct 31, 2019 - 20 commits
- Python
As most of us will be sitting behind a firewall, it would be useful to know the IPs/Host names and ports this plugin uses so we can open up our firewalls for only what is required.
A toolkit for Security Researchers
-
Updated
Oct 15, 2019 - 130 commits
- Python
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
-
Updated
Oct 29, 2019 - 96 commits
- Python
Intelligent threat hunter and phishing servers
-
Updated
Aug 4, 2019 - 14 commits
- Python
With the hope that someone finds the data useful, we're publishing an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
-
Updated
Oct 23, 2019 - 44 commits
Download pcap files from http://www.malware-traffic-analysis.net/
-
Updated
Oct 27, 2019 - 1 commit
BeSafe is a robust threat analyzer which helps to protect your desktop environment and know what's happening around you
-
Updated
Jul 25, 2019 - 280 commits
- C#
This repository contains tools used by 401trg.
-
Updated
Oct 13, 2019 - 10 commits
- Python
Looks up details on a public IPv4 address against ip-info and blacklist-search sites, providing a quick reputation lookup for an analyst.
-
Updated
May 1, 2019 - 49 commits
- Python
A Haskell EDSL for conducting threat analysis using Attack Trees
-
Updated
May 17, 2018 - 25 commits
- Haskell
Phishing URL Testing Database of Link Statuses
-
Updated
Nov 3, 2019 - 11 commits
- Shell
Map and visualize SSH logins from sensors.
-
Updated
Aug 27, 2019 - 58 commits
- Python
Generate a report containing IOCs gathered from VirusTotal and Hybrid-Analysis.
-
Updated
Mar 31, 2019 - 63 commits
- Python
Insight aids in profiling a host by searching several online services for information about an IP or domain name.
-
Updated
Apr 19, 2019 - 28 commits
- Python
Quick SOC L1 ticket structure
-
Updated
Jul 12, 2019 - 187 commits
- Python
Simple tool that you can use to collect relevant data from Portable Executable (PE) files that can be used for intel during a line of research related to malware.
-
Updated
Jul 13, 2017 - 65 commits
- Python
pcap analyser that uses a REST API for IP/URL reputation and also for obtaining URLs
-
Updated
Jul 8, 2019 - 13 commits
- Python
Script to auto-generate rules with IOCs
-
Updated
Nov 15, 2018 - 6 commits
- Python


Hello everyone!
I have a few doubts about how events are handled across MISP instances and Orgs. As I still don't have complete command of the code and my curiosity is killing me, I'm coming here to ask for help =]
Wil