MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

All-in-One malware analysis tool.

Extract and aggregate threat intelligence.

Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

学习安全运营的记录 | The knowledge base of security operation

Collection of Threat Models

A powerful and user-friendly browser extension that streamlines investigations for security professionals.

Don't Just Search OSINT. Sweep It.

Find phishing kits which use your brand/organization's files and image.

Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases

pretrained BERT model for cyber security text, learned CyberSecurity Knowledge

🚀 This is a collection of hacking🔥 and pentesting 🧐 scripts to help with enumeration, OSINT, exploitation and post exploitation automated scripts to make hacking easier🌠. Have fun!😎

A toolkit for Security Researchers

This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

The Threat Actor Profile Guide for CTI Analysts

Extracting Attack Behavior from Threat Reports

Curating Falco rules with MITRE ATT&CK Matrix