threat-analysis

Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

graylog logging forensics dfir sysmon threat-hunting siem threat-sharing threatintel netsec sysinternals graylog-plugin forensic-analysis threat-analysis threat-intelligence humio mitre-attack sigma-rules forensicartifacts digitalforensics

Updated Nov 5, 2023
PowerShell

utmstack / UTMStack

Star 534

Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

security security-audit log-analysis incident-response compliance threat-hunting siem hipaa soc threat-analysis security-automation security-tools threat-intelligence soar soc2 malware-detection log-parsing threat-detection cmmc security-operations-center

Updated Feb 24, 2026
TypeScript

TalEliyahu / Threat_Model_Examples

Star 487

A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigating security risks.

threat cybersecurity threat-modeling risk-assessment threat-analysis

Updated Jun 12, 2025

utkusen / baitroute

Sponsor

Star 433

A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers

honeypot threat-hunting threat-analysis threat-intelligence deception decoy

Updated Jan 14, 2025
Go

zdhenard42 / SOC-Multitool

Star 415

A powerful and user-friendly browser extension that streamlines investigations for security professionals.

chrome-extension cybersecurity browser-extension threat-hunting threat-analysis threat-intelligence

Updated May 13, 2025
JavaScript

ecstatic-nobel / OSweep

Star 312

Don't Just Search OSINT. Sweep It.

python osint splunk cybersecurity certificate-transparency ransomware threat-hunting malware-analysis scanners cybercrime threat-analysis pivoting threat-intelligence urlscan-io threatcrowd urlhaus

Updated Jan 26, 2021
Python

t4d / PhishingKitHunter

Star 239

Find phishing kits which use your brand/organization's files and image.

security phishing threat-hunting fraud-prevention phishing-attacks threat-analysis fraud-detection threat-intelligence phishing-sites

Updated Jan 21, 2019
Python

HaoY-l / threat-intel-hub

Star 227

Yi Ge Ji Cheng Duo Yuan Wei Xie Qing Bao De Ju He Ping Tai ,Wei An Quan Yan Jiu Ren Yuan He Yun Wei Tuan Dui Ti Gong Shi Shi Wei Xie Qing Bao Cha Xun He Bo Bao Fu Wu ;Ji Cheng A Li Yun WAFZhu Dong Lan Jie Wei Xie IP,Diao Yu You Jian Shi Shi Jian Ce ,Ji Cheng AIDeng Duo Xiang Chang Yong An Quan Lei Gong Ju

threat-analysis security-tools threat-intelligence threat-detection phishing-detection phishing-tool

Updated Dec 30, 2025
Vue

jackaduma / SecBERT

Star 207

pretrained BERT model for cyber security text, learned CyberSecurity Knowledge

nlp security apt transformers cybersecurity attention threat-hunting deeplearning cyber-security nlp-machine-learning bert threat-analysis security-automation threat-intelligence machine-learning-security cyber-threat-intelligence threat-detection transformer-encoder bert-embeddings deep-learning-security

Updated Apr 28, 2023
Python

alvin-tosh / Infosec-and-Hacking-Scripts

Star 182

This is a collection of hacking and pentesting scripts to help with enumeration, OSINT, exploitation and post exploitation automated scripts to make hacking easier. Have fun!