Visualization Tools and Resources

Kanvas

An open-source incident response case management tool that provides visualization, threat intelligence lookups, and security framework mapping in a unified workspace.

0

Kanvas

An open-source incident response case management tool that provides visualization, threat intelligence lookups, and security framework mapping in a unified workspace.

0

+7

Investigative Analytics Platform by Cognyte

An investigative analytics platform that uses machine learning to fuse and analyze data from multiple sources, enabling security organizations to extract insights and identify patterns for threat prevention and complex investigations.

0

Investigative Analytics Platform by Cognyte

An investigative analytics platform that uses machine learning to fuse and analyze data from multiple sources, enabling security organizations to extract insights and identify patterns for threat prevention and complex investigations.

0

+7

Granef

A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.

0

Granef

A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.

0

+6

postMessage-tracker

Track postMessage usage with this Chrome Extension

0

postMessage-tracker

Track postMessage usage with this Chrome Extension

0

+1

Acapulco (Attack Community grAPh COnstruction)

A Splunk application that processes honeypot data from hpfeeds channels to generate clustered meta-events and visualizations for security analysis.

0

Acapulco (Attack Community grAPh COnstruction)

A Splunk application that processes honeypot data from hpfeeds channels to generate clustered meta-events and visualizations for security analysis.

0

+4

Aaia

Aaia visualizes AWS IAM and Organizations data in Neo4j graph format to help identify security outliers and conduct privilege escalation analysis through Cypher queries.

0

Identity And Access Management

Vulnerability Analysis

Aaia

Aaia visualizes AWS IAM and Organizations data in Neo4j graph format to help identify security outliers and conduct privilege escalation analysis through Cypher queries.

0

+7

PacBot

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

0

PacBot

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

0

+7

ATT&CK® Navigator

A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.

0

ATT&CK® Navigator

A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.

0

+7

RedEye

RedEye is a visual analytic tool that provides enhanced situational awareness and operational insights for both Red and Blue Team cybersecurity operations.

0

RedEye

RedEye is a visual analytic tool that provides enhanced situational awareness and operational insights for both Red and Blue Team cybersecurity operations.

0

+5

aws-summarize-account-activity

A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.

0

aws-summarize-account-activity

A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.

0

+7

OSTrICa

OSTrICa is an open source plugin-based framework that collects and visualizes threat intelligence data from various sources to help cybersecurity professionals correlate IoCs and enhance their defensive capabilities.

0

OSTrICa

OSTrICa is an open source plugin-based framework that collects and visualizes threat intelligence data from various sources to help cybersecurity professionals correlate IoCs and enhance their defensive capabilities.

0

+7

AfterGlow Cloud

AfterGlow Cloud is a Django-based web application that allows users to upload data and generate graph visualizations through a browser interface.

0

AfterGlow Cloud

AfterGlow Cloud is a Django-based web application that allows users to upload data and generate graph visualizations through a browser interface.

0

+7

Starbase

Starbase is a graph-based security analysis platform that provides automated asset discovery and relationship mapping across external services and systems to enhance attack surface visibility.

0

Free

Attack Surface Management

Attack Surface Mapping

Starbase

Starbase is a graph-based security analysis platform that provides automated asset discovery and relationship mapping across external services and systems to enhance attack surface visibility.

0

Free

Attack Surface Management

Attack Surface

Asset Discovery

Graph

+7

mhn-core-docker

A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.

0

mhn-core-docker

A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.

0

+6

visualize_logs

A Python library and command line tool that creates interactive visualizations for log data analysis with zoom and navigation capabilities.

0

visualize_logs

A Python library and command line tool that creates interactive visualizations for log data analysis with zoom and navigation capabilities.

0

+7

HoneyMap

Web application for visualizing live GPS locations on an SVG world map using honeypot captures.

0

HoneyMap

Web application for visualizing live GPS locations on an SVG world map using honeypot captures.

0

+1

AfterGlow

Visualize and analyze network relationships with AfterGlow

0

AfterGlow

Visualize and analyze network relationships with AfterGlow

0

+2

Active Directory Control Paths

A tool for analyzing and visualizing control relationships and privilege escalation paths within Active Directory environments using graph-based representations.

0

Active Directory Control Paths

A tool for analyzing and visualizing control relationships and privilege escalation paths within Active Directory environments using graph-based representations.

0

+7

Hiryu

A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.

0

Hiryu

A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.

0

+2

HpfeedsHoneyGraph

HpfeedsHoneyGraph is a visualization application that creates graphical representations of hpfeeds logs to aid cybersecurity analysis of honeypot data.

0

HpfeedsHoneyGraph

HpfeedsHoneyGraph is a visualization application that creates graphical representations of hpfeeds logs to aid cybersecurity analysis of honeypot data.

0

+7

Weave Scope

Weave Scope is a real-time visualization and monitoring tool that automatically maps Docker container infrastructures and microservices, providing interactive topology views and direct container management capabilities.

0

Weave Scope

Weave Scope is a real-time visualization and monitoring tool that automatically maps Docker container infrastructures and microservices, providing interactive topology views and direct container management capabilities.

0

+6

DroidBox

DroidBox is a dynamic analysis framework for Android applications that monitors runtime behavior, network activity, file operations, and security events while generating behavioral visualizations.

0

DroidBox

DroidBox is a dynamic analysis framework for Android applications that monitors runtime behavior, network activity, file operations, and security events while generating behavioral visualizations.

0

+7

cowrie2neo

cowrie2neo parses Cowrie honeypot logs and imports the data into Neo4j databases for graph-based analysis and visualization of honeypot interactions.

0

cowrie2neo

cowrie2neo parses Cowrie honeypot logs and imports the data into Neo4j databases for graph-based analysis and visualization of honeypot interactions.

0

+7

aws-security-viz

A Ruby-based tool that creates visual diagrams of AWS EC2 security group configurations to help understand network access patterns and security relationships.

0

aws-security-viz

A Ruby-based tool that creates visual diagrams of AWS EC2 security group configurations to help understand network access patterns and security relationships.

0

+6

Shockpot-Frontend

A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.

0

Shockpot-Frontend

A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.

0

+5

Cowralyze

A command-line tool for analyzing Cowrie honeypot log files over time, generating statistics and visualizations from local or remote log data.

0

Cowralyze

A command-line tool for analyzing Cowrie honeypot log files over time, generating statistics and visualizations from local or remote log data.

0

+7

auspex

A graph-based tool for visualizing AWS access permissions and resource relationships to identify potential attack paths and privilege escalation opportunities.

0

auspex

A graph-based tool for visualizing AWS access permissions and resource relationships to identify potential attack paths and privilege escalation opportunities.

0

+7

Potiron

Normalize, index, enrich, and visualize network capture data using Potiron.

0

Potiron

Normalize, index, enrich, and visualize network capture data using Potiron.

0

+3

msticpy

msticpy is a Python library for InfoSec investigation and threat hunting in Jupyter Notebooks, providing data querying, threat intelligence enrichment, analysis capabilities, and interactive visualizations.

0

msticpy

msticpy is a Python library for InfoSec investigation and threat hunting in Jupyter Notebooks, providing data querying, threat intelligence enrichment, analysis capabilities, and interactive visualizations.

0

+11

Visualization

PINNED

LATEST ADDITIONS

Kanvas

Kanvas

Investigative Analytics Platform by Cognyte

Investigative Analytics Platform by Cognyte

Granef

Granef

postMessage-tracker

postMessage-tracker

Acapulco (Attack Community grAPh COnstruction)

Acapulco (Attack Community grAPh COnstruction)

Aaia

Aaia

PacBot

PacBot

ATT&CK® Navigator

ATT&CK® Navigator

RedEye

RedEye

aws-summarize-account-activity

aws-summarize-account-activity

OSTrICa

OSTrICa

AfterGlow Cloud

AfterGlow Cloud

Starbase

Starbase

mhn-core-docker

mhn-core-docker

visualize_logs

visualize_logs

HoneyMap

HoneyMap

AfterGlow

AfterGlow

Active Directory Control Paths

Active Directory Control Paths

Hiryu

Hiryu

HpfeedsHoneyGraph

HpfeedsHoneyGraph

Weave Scope

Weave Scope

DroidBox

DroidBox

cowrie2neo

cowrie2neo

aws-security-viz

aws-security-viz

Shockpot-Frontend

Shockpot-Frontend

Cowralyze

Cowralyze

auspex

auspex

Potiron

Potiron

msticpy

msticpy