Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
-
Updated
Jul 15, 2024 - Python
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
IntelOwl: manage your Threat Intelligence at scale
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
Interesting APT Report Collection And Some Special IOC
Your Everyday Threat Intelligence
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
A collection of resources for Threat Hunters
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Extract and aggregate threat intelligence.
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Scirius is a web application for Suricata ruleset management and threat hunting.
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
Clusters and elements to attach to MISP events or attributes (like threat actors)
A Holistic OSINT and Threat Hunting Platform
Live Feed of C2 servers, tools, and botnets
Add a description, image, and links to the threat-hunting topic page so that developers can more easily learn about it.
To associate your repository with the threat-hunting topic, visit your repo's landing page and select "manage topics."