
Dorothy

Free

Created by David French (@threatpunter) at Elastic Security, Dorothy is a tool designed to help security teams test their monitoring and detection capabilities for their Okta environment. It offers modules to simulate attacker actions and security audit actions in an Okta environment, mapped to relevant MITRE ATT&CK® tactics like persistence, defense evasion, and discovery. Elastic Security's free detection rules for Okta can be found in their detection-rules repository. It is recommended to use Dorothy in a test environment to avoid any impact on the production environment.


ALTERNATIVES

FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity

VirusTotal API v3 is a threat intelligence platform for scanning files, URLs, and IP addresses, and retrieving reports on threat reputation and context.

Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.

CyBot is a free and open source threat intelligence chat bot with a community-driven plugin framework.

A collection of Yara rules for the Burp Yara-Scanner extension to identify malicious software on websites.

Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.

In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.

Acapulco is a Splunk application that automatically generates meta-events from hpfeeds channels and visualizes them using D3.js.

CyberSecTools


Copyright © 2024 - All rights reserved