⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes

A powerful scanner to scan your Filesystem, S3, MySQL, Redis, Google Cloud Storage and Firebase storage for PII and sensitive data.

A secure low code honeypot framework, leveraging AI for System Virtualization.

Detect Tactics, Techniques & Combat Threats

Dettectinator - The Python library to your DeTT&CT YAML files.

Automate the creation of a lab environment complete with security tooling and logging best practices

Chepy is a python lib/cli equivalent of the awesome CyberChef tool.

Modern Honey Network

MISP Playbooks

Modules for expansion services, import and export in MISP

SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack, and view Saved Searches configured by teammates.

AIL framework - Analysis Information Leak framework

MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formely known as Malware Information Sharing Platform)

Configuration files for the SOF-ELK VM, used in SANS FOR572

Open Source Platform for storing, organizing, and searching documents related to cyber threats

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

MISP website (hugo-based)

Gets updates from various clearnet domains and ransomware threat actor domains

Library of blueprints usable in MISP Workflows

SightingDB is a database for Sightings

Sysmon configuration file template with default high-quality event tracing

Python utility to generate filesystem content for Obsidian.

Paradigm is an open source tool that looks at your network landscape and determines what is actually accessible via the internet.

Mitre ATT&CK framework tactics and techniques in markdown format for best use in Obsidian

Cortex Analyzers Repository