TheHive: a Scalable, Open Source and Free Security Incident Response Platform
-
Updated
Dec 5, 2022 - Scala
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Documentation of TheHive
Real-time HTTP Intrusion Detection
Cortex: a Powerful Observable Analysis and Active Response Engine
本项目致力于收集网上公开来源的威胁情报,主要关注信誉类威胁情报(如IP/域名等),以及事件类威胁情报。
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
Repository of YARA rules made by Trellix ATR Team
The OSINT Omnibus (beta release)
Historical list of {Cobalt Strike,NanoHTTPD} servers
Bringing you the best of the worst files on the Internet.
Automatically created C2 Feeds
Awesome list of keywords and artifacts for Threat Hunting sessions
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
Explore Indicators of Compromise Automatically
Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
👾 𝘁𝗼𝗼𝗹𝘀 𝗳𝗼𝗿 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗿𝗲𝘀𝗲𝗮𝗿𝗰𝗵𝗲𝗿𝘀: 𝗽𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴, 𝗖𝗧𝗙𝘀 & 𝘄𝗮𝗿𝗴𝗮𝗺𝗲𝘀
BlackBerry Threat Research & Intelligence
Extract indicators of compromise from text, including "escaped" ones.
DDWPasteRecon tool will help you identify code leak, sensitive files, plaintext passwords, password hashes. It also allow member of SOC & Blue Team to gain situational awareness of the organisation's web exposure on the pastesites. It Utilises Google's indexing of pastesites to gain targeted intelligence of the organisation. Blue & SOC teams can…
Add a description, image, and links to the iocs topic page so that developers can more easily learn about it.
To associate your repository with the iocs topic, visit your repo's landing page and select "manage topics."