Explore 16 curated tools and resources
Want your tool featured here?
Get maximum visibility with pinned placement
Orochi is a collaborative forensic memory dump analysis framework.
Watchmen is a framework that centralizes AWS Config rule lambda functions into a single account for streamlined compliance management and automation.
Watchmen is a framework that centralizes AWS Config rule lambda functions into a single account for streamlined compliance management and automation.
An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.
An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
Syrup is a Go-based SSH honeypot that simulates SSH services with fake shells, session recording, and comprehensive logging to monitor and analyze unauthorized access attempts.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
Custom built application for asynchronous forensic data presentation on an Elasticsearch backend, with upcoming features like Docker-based installation and new UI rewrite in React.
Custom built application for asynchronous forensic data presentation on an Elasticsearch backend, with upcoming features like Docker-based installation and new UI rewrite in React.
A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.
A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
A simple Elasticsearch honeypot to catch attackers exploiting RCE vulnerabilities.
A simple Elasticsearch honeypot to catch attackers exploiting RCE vulnerabilities.
A library of event-based analytics written in EQL to detect adversary behaviors identified in MITRE ATT&CK, providing detection rules for the Elastic Stack.
A library of event-based analytics written in EQL to detect adversary behaviors identified in MITRE ATT&CK, providing detection rules for the Elastic Stack.
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.