Spyre
A simple, self-contained modular host-based IOC scanner for incident responders.
A simple Python library for interacting with TAXII servers.
Docker: To run cabby using Docker, execute the following:
docker run --rm eclecticiq/cabby taxii-discovery --path https://test.taxiistand.com/read-only/services/discovery
Feedback: You are encouraged to provide feedback by commenting on open issues or sending us email at cabby@eclecticiq.com
A community-driven project sharing detection logic, adversary tradecraft, and resources to make detection development more efficient, following MITRE ATT&CK structure.
A curated list of resources for learning about deploying, managing, and hunting with Microsoft Sysmon.
PowerShell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
Gathers Threat Intelligence Feeds from publicly available sources and provides detailed output in CSV format.