We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
awesome-threat-detection - A curated list of awesome threat detection and hunting resources
- 32
Contributions welcome! Read the contribution guidelines first. To the extent possible under law, Adel "0x4D31" Karimi has waived all copyright and related or neighboring rights to this work.
https://github.com/0x4D31/awesome-threat-detection| Tags | awesome awesome-list resources threat-hunting security hunting intrusion-detection detection |
| Implementation | |
| License | Public |
| Platform |
Related Projects
awesome-yara - A curated list of awesome YARA rules, tools, and people.
A curated list of awesome YARA rules, tools, and resources. Inspired by awesome-python and awesome-php. YARA is an ancronym for: YARA: Another Recursive Ancronym, or Yet Another Ridiculous Acronym. Pick your choice.
yara-rules yara-signatures yara malware-rules malware-analysis malware-research malware-detection yara-scanner yara-manager threat-hunting awesome awesome-yara awesome-list iocMISP - MISP (core software) - Open Source Threat Intelligence Platform (formely known as Malware Information Sharing Platform)
MISP, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently. The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the exchange of information but also the consumption of the information by Network Intrusion Detection System (NIDS), LIDS but also log analysis tools, SIEMs.
misp threat-sharing threat-hunting threatintel malware-analysis stix information-exchange fraud-management tip security cti cybersecurity fraud-detection fraud-prevention threat-analysis information-security information-sharing threat-intelligence threat-intelligence-platform intelligenceh4cker - This repository is primarily maintained by Omar Santos and includes resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more
This repository includes thousands of cybersecurity-related references and resources and it is maintained by Omar Santos. This GitHub repository has been created to provide supplemental material to several books, video courses, and live training created by Omar Santos and other co-authors. It provides over 6,000 references, scripts, tools, code, and other resources that help offensive and defensive security professionals learn and develop new skills. This GitHub repository provides guidance on how build your own hacking environment, learn about offensive security (ethical hacking) techniques, vulnerability research, exploit development, reverse engineering, malware analysis, threat intelligence, threat hunting, digital forensics and incident response (DFIR), includes examples of real-life penetration testing reports, and more. These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the Offensive Security Certified Professional (OSCP), the Certified Ethical Hacker (CEH), CompTIA PenTest+ and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts.
hacking penetration-testing hacking-series video-course cybersecurity ethical-hacking ethicalhacking hacker exploit exploits exploit-development vulnerability vulnerability-scanners vulnerability-assessment vulnerability-management vulnerability-identification awesome-lists awesome-list training hackersatomic-red-team - Small and highly portable detection tests.
Small and highly portable detection tests mapped to the Mitre ATT&CK Framework.Our Atomic Red Team tests are small, highly portable detection tests mapped to the MITRE ATT&CK Framework. Each test is designed to map back to a particular tactic. We hope that this gives defenders a highly actionable way to immediately start testing their defenses against a broad spectrum of attacks.
mitre mitre-attack threat-detection threat-hunting threat huntingDetectionLab - Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts.NOTE: This lab has not been hardened in any way and runs with default vagrant credentials. Please do not connect or bridge it to any networks you care about. This lab is deliberately designed to be insecure; the primary purpose of it is to provide visibility and introspection into each host.
vagrant vagrantfile packer information-security lab-environment dfir threat-detection threat-hunting threat huntingThreatHunter-Playbook - A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Sysmon and Windows Events logs. This project will provide specific chains of events exclusively at the host level so that you can take them and develop logic to deploy queries or alerts in your preferred tool or format such as Splunk, ELK, Sigma, GrayLog etc. This repo will follow the structure of the MITRE ATT&CK framework which categorizes post-compromise adversary behavior in tactical groups. In addition, it will provide information about hunting tools/platforms developed by the infosec community for testing and enterprise-wide hunting.Can't wait to see other hunters' pull requests with awesome ideas to detect advanced patterns of behavior. The more chains of events you contribute the better this playbook will be for the community.
threat-hunting sysmon hunting-campaigns hypothesis hunting dfir hunter mitre-attack-db mitreHELK - The Incredible HELK
A Hunting ELK (Elasticsearch, Logstash, Kibana) with advanced analytic capabilities.At the end of the HELK installation, you will have a similar output with the information you need to access the primary HELK components. Remember that the default username and password for the HELK are helk:hunting.
hunting elasticsearch kibana logstash hunting-platforms elk elk-stack elastic docker jupyter-notebook threat-hunting spark dockerhub threat-detection threatOSSEC - Host-based Intrusion Detection System
OSSEC is a full platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM together in a simple, powerful and open source solution.
intrusion-detection siem threat-intelligence security-analytics threat-analytics monitoringSuricata IDS - Network threat detection engine
The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing. Suricata inspects the network traffic using a powerful and extensive rules and signature language, and has powerful Lua scripting support for detection of complex threats.
intrusion-detection network-security-monitoring security ids ips nsm network-monitoringawesome-malware-analysis - A curated list of awesome malware analysis tools and resources.
A curated list of awesome malware analysis tools and resources. Inspired by awesome-python and awesome-php. View Chinese translation: 恶意软件分析大合集.md.
malware-analysis awesome awesome-list list malware-samples analysis-framework dynamic-analysis static-analysis threat-intelligence automated-analysis domain-analysis network-traffic threatintel malware-collection malware-research threat-sharing chinese-translation chineseawesome-threat-intelligence - A curated list of Awesome Threat Intelligence resources
A concise definition of Threat Intelligence: evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard. Feel free to contribute.
security awesomesecurity-onion - Linux distro for intrusion detection, enterprise security monitoring, and log management
For more information about Security Onion, please see our main website, blog, and wiki. This repo contains the ISO image, Wiki, and Roadmap for Security Onion.
intrusion-detection network-security-monitoring log-management ids nsm hunting dfirApache Spot - A Community Approach to Fighting Cyber Threats
Apache Spot is a community-driven cybersecurity project, built from the ground up, to bring advanced analytics to all IT Telemetry data on an open, scalable platform. pot expedites threat detection, investigation, and remediation via machine learning and consolidates all enterprise security data into a comprehensive IT telemetry hub based on open data models.
threat-analytics threat-detection threat-analysis cybersecurity threat machine-learningawesome-object-detection - Awesome Object Detection based on handong1587 github: https://handong1587
This is a list of awesome articles about object detection.
object-detection detection computer-vision deep-learning object-localisationApache Metron - Real-time Big Data Security
Metron integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis. Metron provides capabilities for log aggregation, full packet capture indexing, storage, advanced behavioral analytics and data enrichment, while applying the most current threat intelligence information to security telemetry within a single platform.
security-framework cyber-crime anomoly-detection monitoring security big-data threat-intelligence security-analytics opensoc siem threat-analyticsProactive Investigator: advanced analytics for threat detection
Proactive Investigator is a solution created for information security threat detection. It is an end-to-end solution, currently built on SQL Server 2008
3d analysis-services analytics bi intel securityandroid-security-awesome - A collection of android security related resources
A collection of android security related resources. Other amazingly awesome lists can be found in the awesome-awesomeness list.
awesome-list awesome list android securityRedHunt-OS - Virtual Machine for Adversary Emulation and Threat Hunting
RedHunt aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment.
awesome-infosec - A curated list of awesome infosec courses and training resources.
A curated list of awesome information security resources, inspired by the awesome-* trend on GitHub. Those resources and tools are intended only for cybersecurity professional and educational use in a controlled environment.
infosec pentest courses penetration-testing security-professionals lab awesome securityawesome-security - A collection of awesome software, libraries, documents, books, resources and cools stuffs about security
A collection of awesome software, libraries, documents, books, resources and cool stuff about security. Inspired by awesome-php, awesome-python.
security awesome-list
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
