DeepBlueCLI
A PowerShell module for threat hunting via Windows Event Logs
The Shadowserver Foundation is a nonprofit security organization that collects and shares threat data, provides free daily remediation reports, and partners with network providers, governments, and law enforcement to make the Internet more secure. They offer various tools and resources, including reports on malware, DDoS attacks, and more, as well as a press kit and media coverage. The organization is funded by sponsorships, grants, and charitable donations, and works with national CSIRTs, industry sectors, and law enforcement to improve network security and advance threat research.
A tool designed to extract additional value from enterprise-wide AppCompat / AmCache data
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel
Provides breach and attack simulation products for security control validation, offering three different products to meet the needs of organizations of various sizes and maturity levels.
Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.