security-monitoring

27 tools and resources

Kunai

Kunai is a Linux-based system monitoring tool that provides real-time monitoring and threat hunting capabilities.

Allstar

A GitHub App that monitors GitHub organizations or repositories for adherence to security best practices and detects policy violations.

A serverless application for creating and monitoring URL tokens with threat intelligence and customizable alerts.

BZAR

A set of Bro/Zeek scripts that detect ATT&CK-based adversarial activity and raise notices.

Cybersecurity project for security monitoring of Node.js applications.

Hudinx

Medium interaction SSH honeypot for logging brute force attacks and shell interactions.

Multi-honeypot platform with various honeypots and monitoring tools.

snort

Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.

A honeypot agent for running honeypots with service and data at threatwar.com.

ElastAlert is a framework for alerting on anomalies in Elasticsearch data.

Automate AWS security checks and centralize security alerts.

A comprehensive dashboard for managing and monitoring honeypots with detailed information on attack attempts and connections.

OpenSOC

A centralized tool for security monitoring and analysis that integrates various open source big data technologies.

Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.

A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.

LockUp

An Android-based self-defense application against forensic imaging tools like Cellebrite UFED.

A honeypot that logs NTP packets into a Redis database to detect DDoS attempts.

Malbait

A Perl honeypot program for monitoring hostile traffic and wasting hackers' time.

Comprehensive suite of tools and resources by Microsoft Azure for ensuring security and protection of data and applications in the cloud.

A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.

Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.

A Sysmon configuration file template with detailed explanations and tutorial-like features.

Honey-Pod for SSH that logs username and password tries during brute-force attacks.

DDoSPot

Honeypot platform for tracking and monitoring UDP-based DDoS attacks with support for various honeypot services.

Joy

A package for capturing and analyzing network flow data and intraflow data.

Monitor WMI consumers and processes for potential malicious activity.