Prometheus Prometheus, a Cloud Native Computing Foundation project, is a systems and service monitoring system. It collects metrics from configured targets at given intervals, evaluates rule expressions, displays the results, and can trigger alerts if some...
VAST — Visibility Across Space and Time VAST is a network telemetry engine for data-driven security investigations. It ingests high-volume streams of network and logs data, indexes it for later retrieval, and offers several...
hcltm Threat Modeling with HCL Overview There are many different ways in which a threat model can be documented. From a simple text file to more in-depth word documents, to fully instrumented threat models...
SOC Multi-tool Introducing SOC Multi-tool, a free and open-source browser extension that makes investigations faster and more efficient. Now available on the Chrome Web Store and compatible with all Chromium-based browsers such as Microsoft...
Velociraptor – Endpoint visibility and collection tool. Velociraptor is a unique, advanced open-source endpoint monitoring, digital forensic, and cyber response platform. It was originally developed by DFIR professionals who needed a powerful and efficient...
mihari Mihari is a helper to run queries & manage results continuously. Mihari can be used for C2, landing pages, and phishing hunting. How it works Mihari makes a query against Shodan, Censys, VirusTotal,...
Hayabusa Hayabusa is a Windows event log fast forensics timeline generator and threat hunting tool created by the Yamato Security group in Japan. Hayabusa means “peregrine falcon” in Japanese and was chosen as peregrine falcons are the fastest animal in the...
REW-sploit Need help in analyzing Windows shellcode or attack coming from Metasploit Framework or Cobalt Strike (or maybe also other malicious or obfuscated code)? Do you need to automate tasks with simple scripting? Do you want help...
Nightingale Nightingale is an enterprise-level cloud-native monitoring system, which can be used as a drop-in replacement for Prometheus for alerting and management. Nightingale is a cloud-native monitoring system by All-In-On design, that supports enterprise-class...
yaraQA YARA rule Analyzer to improve rule quality and performance Why? YARA rules can be syntactically correct but still dysfunctional. yaraQA tries to find and report these issues to the author or maintainer of...
