MalPipe
A modular malware collection and processing framework with support for various threat intelligence feeds.
PSHunt is a PowerShell Threat Hunting Module designed to scan remote endpoints for indicators of compromise or survey them for more comprehensive information related to the state of those systems. PSHunt began as the precursor to Infocyte's commercial product, Infocyte HUNT, and is now being open sourced for the benefit of the DFIR community. PSHunt is divided into several modules, functions, and folders, with Discovery functions used to identify hosts on the network, Scanners for modular queries, and Surveys for collecting comprehensive information from remote hosts.
A parsing tool for Yara Scan Service's JSON output file to help maximize benefits and automate parsing of Yara Scan Service results.
A PowerShell module for threat hunting via Windows Event Logs.
Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.