#Threat-analysis
Showing 24 of 24 repositories tagged #threat-analysis, ranked by stars
Cowrie SSH/Telnet Honeypot https://docs.cowrie.org/
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Open Source Cloud Native Application Protection Platform (CNAPP)
All-in-One malware analysis tool.
Extract and aggregate threat intelligence.
学习安全运营的记录 | The knowledge base of security operation
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigating security risks.
A powerful and user-friendly browser extension that streamlines investigations for security professionals.
ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.
Don't Just Search OSINT. Sweep It.
pretrained BERT model for cyber security text, learned CyberSecurity Knowledge
Free email OSINT tool, 2500+ platforms, identity clustering, breach detection. No API keys required. pip install mailaccess
🚀 This is a collection of hacking🔥 and pentesting 🧐 scripts to help with enumeration, OSINT, exploitation and post exploitation automated scripts to make hacking easier🌠. Have fun!😎
Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
Projects, notes, and write-ups I have done while completing the Google Cybersecurity Certificate
A toolkit for Security Researchers
Curating Falco rules with MITRE ATT&CK Matrix
Extracting Attack Behavior from Threat Reports
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Detection & Hunting.
Quick SOC L1 ticket structure
A portfolio demonstrating advanced blue and red team skills, including: SSH MFA implementation, Volatility-based memory forensics to detect code injection, Splunk threat hunting (BOTS v3), Wireshark C2 analysis, and kernel exploitation walkthroughs (LinPEAS, VulnHub).
Automated compromise detection of the world's most popular packages
VirusTotal MCP Server是一个让AI结合威胁情报进行深入分析、基于 Model Context Protocol (MCP) 开发的 VirusTotal API 调用工具,为用户提供文件、IP地址、域名和URL的威胁情报查询功能,并将得到的数据喂给AI进行二次分析,提升威胁情报分析能力并给予处置建议。