Awesome-Mirrors
/
awesome-cybersecurity-blueteam
mirror of https://github.com/fabacab/awesome-cybersecurity-blueteam.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Awesome-Mirrors:d698d7cbbb24f58af2d411a342ff037967a0cdca
Branches Tags
Awesome-Mirrors:main
...
compare: Awesome-Mirrors:16ada4ca93b0a80de3e20da3fe7faff500041de0
Branches Tags
Awesome-Mirrors:main

3 Commits
d698d7cbbb ... 16ada4ca93

Author SHA1 Message Date
mangosteen 16ada4ca93
Merge d6d53a2dfb into 00391781af 2023-11-10 06:54:12 -06:00
fabacab 00391781af Add Logging Made Easy, a central log management system made by CISA. 2023-11-09 20:08:30 -05:00
mangosteen d6d53a2dfb Add a deception tool Mimicry(https://github.com/chaitin/mimicry) 2023-04-14 14:55:34 +08:00
1 changed files with 3 additions and 1 deletions
Show Stats Expand all files Collapse all files

4
README.md
View File

@ -218,6 +218,7 @@ See also [awesome-honeypots](https://github.com/paralax/awesome-honeypots).
- [CanaryTokens](https://github.com/thinkst/canarytokens) - Self-hostable honeytoken generator and reporting dashboard; demo version available at [CanaryTokens.org](https://canarytokens.org/).
- [Kushtaka](https://kushtaka.org) - Sustainable all-in-one honeypot and honeytoken orchestrator for under-resourced blue teams.
- [Manuka](https://github.com/spaceraccoon/manuka) - Open-sources intelligence (OSINT) honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers.
- [Mimicry](https://github.com/chaitin/mimicry) - Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.
### Tarpits
@ -387,12 +388,13 @@ See also [awesome-threat-detection](https://github.com/0x4D31/awesome-threat-det
- [DeepBlueCLI](https://github.com/sans-blue-team/DeepBlueCLI) - PowerShell module for hunt teaming via Windows Event logs.
- [GRR Rapid Response](https://github.com/google/grr) - Incident response framework focused on remote live forensics consisting of a Python agent installed on assets and Python-based server infrastructure enabling analysts to quickly triage attacks and perform analysis remotely.
- [Hunting ELK (HELK)](https://github.com/Cyb3rWard0g/HELK) - All-in-one Free Software threat hunting stack based on Elasticsearch, Logstash, Kafka, and Kibana with various built-in integrations for analytics including Jupyter Notebook.
- [Logging Made Easy (LME)](https://www.cisa.gov/resources-tools/services/logging-made-easy) - Free and open logging and protective monitoring solution serving.
- [MozDef](https://github.com/mozilla/MozDef) - Automate the security incident handling process and facilitate the real-time activities of incident handlers.
- [PSHunt](https://github.com/Infocyte/PSHunt) - PowerShell module designed to scan remote endpoints for indicators of compromise or survey them for more comprehensive information related to state of those systems.
- [PSRecon](https://github.com/gfoss/PSRecon) - PSHunt-like tool for analyzing remote Windows systems that also produces a self-contained HTML report of its findings.
- [PowerForensics](https://github.com/Invoke-IR/PowerForensics) - All in one PowerShell-based platform to perform live hard disk forensic analysis.
- [rastrea2r](https://github.com/rastrea2r/rastrea2r) - Multi-platform tool for triaging suspected IOCs on many endpoints simultaneously and that integrates with antivirus consoles.
- [Redline](https://www.fireeye.com/services/freeware/redline.html) - Freeware endpoint auditing and analysis tool that provides host-based investigative capabilities, offered by FireEye, Inc.
- [rastrea2r](https://github.com/rastrea2r/rastrea2r) - Multi-platform tool for triaging suspected IOCs on many endpoints simultaneously and that integrates with antivirus consoles.
## Threat intelligence