threat

Real-time HTTP Intrusion Detection

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

The Correlated CVE Vulnerability And Threat Intelligence Database API

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

SIEM Tactics, Techiques, and Procedures

a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations on decentralized finance

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigating security risks.

A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.

威胁情报播报

16,432 Free Yara rules created by

Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.

国内恶意IP封禁计划，还赛博空间一片朗朗乾坤

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

Collecting & Hunting for IOCs with gusto and style

PatrowlHears - Vulnerability Intelligence Center / Exploits