PinnedLoading

1. nianticlabs/venatornianticlabs/venatorPublic

   A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.

   Go 373 20

2. awesome-threat-detectionawesome-threat-detectionPublic

   ✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

   4.1k 681

3. galahgalahPublic

   Galah: An LLM-powered web honeypot.

   Go 512 45

4. fattfattPublic

   FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic

   Python 665 95

5. honeyLambdahoneyLambdaPublic

   honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway

   Python 517 55

6. hassh-utilshassh-utilsPublic

   hassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hassh)

   Lua 57 15