GitHub - idaholab/Malcolm: Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts. Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts. - idaholab/Malcolm

@sardonic.systems Thank you
github.com/idaholab/Mal...

Reposting
I wish Bluesky had an update and editing option 😊

Malcolm: A powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts

Check ✅️ it out:
github.com/idaholab/Mal...

#cybersecurity #infosec #threathunting #suricata #zeek

GitHub - c0m4r/paranoya: Simple IOC and YARA scanner for Linux® Simple IOC and YARA scanner for Linux®. Contribute to c0m4r/paranoya development by creating an account on GitHub.

Paranoya: A simple IOC and Yara scanner for Linux

Check ✅️ it out:
github.com/c0m4r/paranoya

#cybersecurity #yararules #linux

GitHub - R4z1xx/malwatcher: Malwatcher is a self-hosted platform that simplifies the process of verifying IOCs by combining multiple online tools into one interface, eliminating the need to visit each... Malwatcher is a self-hosted platform that simplifies the process of verifying IOCs by combining multiple online tools into one interface, eliminating the need to visit each tool's website indiv...

Malwatcher: A self-hosted platform for verifying IOCs by centralizing online tools into one interface

Check ✅️ it out:
github.com/R4z1xx/malwa...

#cybersecurity ##threatintelligence #threatintel #infosec

ThreatSentry AI: A threat hunting dashboard that utilizes ML and determines risk assessment by vulnerability identification of data
Check✅️ it out:

github.com/EclipseManic...

#threathunting #cybersecurity #infosec #ml #ai-security #threatdetection

GitHub - M3rcuryLake/Nyxelf: Nyxelf is a highly effective tool tailored for analyzing malicious Linux ELF binaries, offering comprehensive support for both static and dynamic analysis techniques. Nyxelf is a highly effective tool tailored for analyzing malicious Linux ELF binaries, offering comprehensive support for both static and dynamic analysis techniques. - M3rcuryLake/Nyxelf

Nyxelf: A Linux ELF tool for analyzing malicious Linux ELF binaries that supports static and dynamic analysis

🔗Check it out:
github.com/M3rcuryLake/...

#binaryanalysis #linuxelf #reverseengineering #malwareanalysis #threathunting #infosec

Using KQL to Enhance Threat Detection rodtrent.substack.co...

#MustLearnKQL #KQL #KQLMysteries

yara2stix - A command line tool that converts the YARA Rules into STIX 2.1 Objects
Check it out:
github.com/muchdogesec/...

#yararules #detectionengineering #stix #threatintelligence #threatdetection

GitHub - s-tip/stip-common: Seamless Threat Intelligence Platform Seamless Threat Intelligence Platform. Contribute to s-tip/stip-common development by creating an account on GitHub.

S-TIP (Seamless Threat Intelligence Platform) - A threat intelligence platform to convert CTI into STIX files for more comprehensive viewing and information sharing
Check it out:🔥🔥

github.com/s-tip/stip-c...

#threatintel #STIX #threathunting #detectionengineering
#cybersecurity #infosec

GitHub - matanolabs/matano: Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS - matanolabs/matano

Matano - An open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Check it out:
github.com/matanolabs/m...

#threathunting #detectionengineering
#aws
#cybersecurity
#infosec

GitHub - SecurityBrewery/catalyst: ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes - SecurityBrewery/catalyst

Catalyst - A self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes
Check it out 🔥🔥:
github.com/SecurityBrew...

#DFIR #incidentresponse #alerttriage #cybersecurity

GitHub - utmstack/UTMStack: Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence. Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence. - utmstack/UTMStack

UTMStack - A customizable SIEM and XDR powered by real-time correlation and threat intelligence
Check it out 🔥🔥:
github.com/utmstack/UTM...

#threatintelligence #threathunting #SIEM #SOAR #detectionengineering #cybersecurity #infosec

GitHub - nianticlabs/venator: A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers l... A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad. - nianticlabs/ve...

Venator - A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm.

Check it out:
github.com/nianticlabs/...

#detectionengineering #threathunting #kubernetes #infosec #cybersecurity

GitHub - Yamato-Security/hayabusa: Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. - Yamato-Security/hayabusa

Hayabusa - A sigma-based threat hunting and fast forensics 🔎 timeline generator for Windows event logs.
It can easily be integrated with other hunting & DFIR tools such as Velociraptor & OpenRelik.

Check it out 🔥🔥:
github.com/Yamato-Secur...

#threathunting #DFIR #sigma #cybersecurity #infosec

@hexacorn.bsky.social is awesome as well! 🤩🙌

@kostas-sec.bsky.social @mthcht.bsky.social are awesome people to add to the list

Thank you for adding me to the list @shannadaly.bsky.social ! 😊
A great start to a new year! Happy 2025! 🤩🙌

GitHub - yeti-platform/yeti: Your Everyday Threat Intelligence Your Everyday Threat Intelligence. Contribute to yeti-platform/yeti development by creating an account on GitHub.

Yeti (Your Everyday Threat Intelligence) - A platform that manages forensics 🔍 intelligence and connects CTI with DFIR artifacts
Check it out 🔥🔥:
github.com/yeti-platfor...

#threatintelligence #DFIR #CTI #threathunting #cyberforensics #cybersecurity #infosec

GitHub - RootMiner/YaraGuard: 👾 YaraGuard is a static malware analysis tool that uses YARA rules as it's core 👾 YaraGuard is a static malware analysis tool that uses YARA rules as it's core - RootMiner/YaraGuard

YaraGuard - a static malware analysis tool that uses YARA rules as it's core
Check it out 🔥🔥:
github.com/RootMiner/Ya...

#yararules #threathunting #malwareanalysis
#cybersecurity #infosec

GitHub - muditmathur2020/RansomwareDetection: Ransomware Detection using Machine Learning Models and Ensemble Technique Ransomware Detection using Machine Learning Models and Ensemble Technique - muditmathur2020/RansomwareDetection

Ransomware Detection Using ML Models
github.com/muditmathur2...
#ransomware #ml #detectionengineering #threathunting #threatdetection #infosec #cybersecurity

GitHub - atenreiro/opensquat: The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands. The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands. - atenreiro/opensquat

openSquat - An open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.

github.com/atenreiro/op...

#detectionengineering
#threatdetection #threathunting #cybersecurity #infosec

Welcome to Bluesky 🦋
Good to see more malware analysts here 😊

Welcome to Bluesky 🦋 😊
You will like the community here
It's a refreshing change

Congratulations! That's awesome!🤩🙌🤎🪅🪅🪅

GitHub - cossacklabs/acra: Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports clien... Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side (&...

Acra - A database protection suite with field level encryption and intrusion detection that provides SQL injection prevention, honeypots, and support for both client and proxy encryption

Check it out:
github.com/cossacklabs/...

#threatdetection #databasesecurity #honeypot #cybersecurity #infosec

Welcome to Bluesky 🦋
I'm on Mastodon as well
Bluesky 🦋 is a refreshing change 😊

Malware Researcher and Threat Hunter here
Please feel free to add me on the list 😊

GitHub - cossacklabs/acra: Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports clien... Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side (&...

Acra - A database protection suite with field level encryption and intrusion detection that provides SQL injection prevention, honeypots, and support for both client and proxy encryption

Check it out:
github.com/cossacklabs/...

#threatdetection #databasesecurity #honeypot #cybersecurity #infosec

Thank you for clarifying
I was wondering 🤔 after the post 😂