OSSEC - Host-based Intrusion Detection System

OSSEC is a full platform to monitor and control your systems. It combines all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM in a simple, powerful and open source solution.

signature-base - Signature base for my scanner tools

Apache Metron - Real-time Big Data Security

Metron integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis. Metron provides capabilities for log aggregation, full packet capture indexing, storage, advanced behavioral analytics and data enrichment, while applying the most current threat intelligence information to security telemetry within a single platform.

phishing_catcher - Phishing catcher using Certstream

Catches malicious phishing domain names using the certstream live stream of SSL certificates. The script should work fine using Python2 or Python3.

misp-osint-collection - Collection of best practices to add OSINT into MISP and/or MISP communities

The document is available in XMind format and the source is available. Fork the project, download the XMind format document, edit the document with XMind, commit and open a pull request.

Phishruffus - Intelligent threat hunter and phishing servers

Phishruffus is a tool designed for the identification of DNS servers and Internet threats used for the illegal practice of phishing.

omnibus - The OSINT Omnibus (beta release)

An Omnibus is defined as a volume containing several novels or other items previously published separately, and that is exactly what the InQuest Omnibus project intends to be for Open Source Intelligence collection, research, and artifact management. By providing an easy-to-use interactive command line application, users are able to create sessions to investigate various artifacts such as IP addresses, domain names, email addresses, usernames, file hashes, Bitcoin addresses, and more as we continue to expand.

python-iocextract - Advanced Indicator of Compromise (IOC) extractor.

Advanced Indicator of Compromise (IOC) extractor. This library extracts URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora. It includes obfuscated and "defanged" IOCs in the output, and optionally deobfuscates them.