#
threat
Here are 91 public repositories matching this topic...
The Correlated CVE Vulnerability And Threat Intelligence Database API
python
threat
exploits
vulnerability
scap
vulnerability-databases
threatintel
cve
oval
vulnerability-detection
vulnerability-identification
vulnerability-scanners
cwe
capec
intelligence-gathering
threat-intelligence
vulnerability-database-entry
threat-intelligence-database
vfeed
common-vulnerability-exposure
-
Updated
Feb 10, 2018 - Python
wagner-certat
commented
Jul 3, 2020
Currently, the file input collector allows to delete a file after successfully processing it. Another option could be to move the file to a different directory.
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
-
Updated
Sep 7, 2020 - PowerShell
Real-time HTTP Intrusion Detection
go
golang
log
logs
threat
ids
intrusion-detection
threat-hunting
iocs
log-analyzer
intrusion
intrusion-detection-system
threat-intelligence
threat-analyzer
analyze-logs
threat-rules
-
Updated
Oct 31, 2020 - Go
colesmj
commented
Oct 21, 2018
"AA03": { "description": "Weakness in SSO Authorization", "source": (Process, Element), "target": (Process, Server), "condition": "target.implementsAuthenticationScheme is False", },
What if the Process implements BasicAuth or uses mutual TLS (neither of which is SSO)?
If the Process uses SAML or OAuth, then maybe.
Maybe authenticationScheme as a string var is neces
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
data-science
intelligence
analytics
virtual-machine
malware
threat
cyber
fireeye
intelligence-analysis
mandiant
threatintelligence
threathunting
-
Updated
Sep 24, 2020 - PowerShell
Collecting & Hunting for IOCs with gusto and style
-
Updated
Aug 14, 2020 - Python
Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
graylog
threat-score
whois
threat
abuse
threatintel
spamhaus
whois-lookup
graylog-plugin
threat-analysis
otx
whois-information
-
Updated
Oct 29, 2020 - Java
-
Updated
Sep 14, 2020 - Java
With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
threat
cert
vulnerability
threatintel
cve
threat-analysis
threat-intelligence
vulnerability-report
vulnerability-data
vulnerability-notes
-
Updated
Jun 22, 2020
MONARC - Method for an Optimised aNAlysis of Risks by @CASES-LU
security
risk-analysis
threat
cybersecurity
cases
vulnerabilities
risk-assessment
governance
monarc
risk-evaluation
risk-treatment
-
Updated
Oct 30, 2020 - TSQL
A simple threat meter for WoW Classic (1.13.2)
-
Updated
Nov 4, 2019 - Lua
Consolidation of various resources related to Microsoft Sysmon & sample data/log
-
Updated
Mar 8, 2019 - Python
Automated threat intelligence collection with McAfee ATD, OpenDXL and MISP
-
Updated
Feb 21, 2020 - Python
A map displaying threat actors from the misp-galaxy
-
Updated
May 28, 2020 - TypeScript
Repository resource for threat hunter
-
Updated
Sep 14, 2018
Inspect your builds to look for changes in filesystem, network traffic and running processes.
vagrant
gradle
machine
inspector
threat
vagrantfile
vagrant-virtual-machine
java-vm
suspicious-builds
inspector-monitors
-
Updated
Aug 10, 2018 - Ruby
Python malware intelligence feed
-
Updated
Feb 16, 2017 - Python
Go library MalShare API
-
Updated
Apr 29, 2019 - Go
Improve this page
Add a description, image, and links to the threat topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the threat topic, visit your repo's landing page and select "manage topics."
Besides incoming blacklisted connections, external to internal traffic isn't super useful in any of our analysis modules. And incoming blacklisted connections is of questionable usefulness as well since the things that normally scan everything on the internet will also normally end up on blacklists. We're not trying to detect someone attacking coming in. We're trying to detect already compromised