Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-lists
Security lists for SOC detections
https://github.com/mthcht/awesome-lists
Last synced: 5 days ago
JSON representation
-
Other Lists
-
Investigation
- xcyclopedia
- vmray
- threatbook
- Kaspersky Security Network
- Microsoft Security Intelligence Report
- OUI mac address lookup
- abuse.ch
- malware-traffic-analysis
- waybackmachine
- dnshistory
- asnlookup
- fofa.info
- Sandbox HA
- Sandbox Anyrun
- triage
- capesandbox
- joesandbox
- Apptotal (apps and extensions analysis)
- SpamHaus
- AbuseIPDB
- Malwarebazaar
- emailrep
- shodan
- Onyphe
- Censys
- threatminer
- urlscan
- mxtoolbox
- ipvoid
- Microsoft TI
- pulsedive
- IBM X-Force Exchange
- AlienVault OTX
- greynoise
- echotrail
- whois domaintools
- viewdns
- url tiny-scan
- cloudfare scan
- checkphish
- McAfee Threat Intelligence Exchange
- cybergordon (reputation check)
- cloudfare scanner
- whoxy
- SecurityTrail
- ZommEye
- urlquery
- urldna.io
- Malware-Traffic-Analysis (PCAP files)
- triage
- filescan.io
- threat zone
-
Data manipulation
- JS deobfuscator
- CyberChef
- Text Tool
- Message Header
- MXToolbox EmailHeaders
- Email Header Analyzer
- Email Header Analysis
- Gitlab dashboard from Excel
- OPENAI
- jsoncrack
- Hash calculator
- regex101
- Javascript Deobfuscator
- JSONViewer
- TextMechanic
- UrlEncode.org
- TextFixer
- RegExr
- Online XML Formatter and Beautifier
- XML Escape Tool
- DiffChecker
- HTML Formatter
- TextUtils
- TextCompactor
- Pretty Diff
- XML Tree
- String Manipulation Tool
- urlunscrambler
- longurl
- uncoder
- DeHashed
- PCAP online analyzer
-
Detection Resources
- GTFOBIN
- LOLBAS
- Elastic Rules
- DFIR-Report Sigma-Rules
- mdecrevoisier Sigma-Rules
- P4T12ICK Sigma-Rules
- tsale Sigma-Rules
- list of detections resources
- detection engineering resources
- awesome-threat-detection
- LOTS
- loldrivers
- WTFBIN
- Sigma
- Splunk Rules
- MITRE Navigator
- MITRE Updates
- MITRE D3fend
- MITRE techniques
- MITRE Datasources
- JoeSecurity Sigma-Rules
- LOLRMM
-
DFIR
-
Security News
- detect.fyi
- CERT FR Avis
- akamai Feed
- Elastic Blog
- Adam Chester Blog Feed
- Mauricio Velazco Blog
- tenable Blog
- horizon3 Feed
- Incidents reports Feed
- NCC Group Research Feed
- SpecterOps Feed
- detect.fyi
- detect.fyi
- detect.fyi
- detect.fyi
- detect.fyi
- detect.fyi
- detect.fyi
- DFIR Podcasts
- DFIR weekly news
- sans blog
- CERT-FR
- CERT FR Alerts
- JPCERT
- EricaZelic Blog
- CISA news
- thedfirreport Feed
- Splunk Research Blog
- Unit42 Feed
- Cisco Talos Feed
- Crowdstrike Feed
- Hexacorn Blog
- simone kraus Blog
- Michael Haag Blog
- Sophos Research Feed
- Offensive Research - DSAS by INJECT
- HackerNews Feed
- Bleepingcomputer Feed
- detect.fyi
- detect.fyi
- Clément Notin Feed
- detect.fyi
- detect.fyi
- detect.fyi
- Google Threat Intelligence
- Sekoi Blog
- detect.fyi
-
IOC Feeds/Blacklists:
- Block Lists
- DNS Block List
- Phishing Block List
- C2IntelFeeds
- Volexity TI
- Open Source TI
- C2 Tracker
- Unit42 Timely IOC
- Unit42 Articles IOC
- Zscaler ThreatLabz IOC
- Zscaler ThreatLabz Ransomware notes
- Sophos lab IOC
- ESET Research IOC
- ExecuteMalware IOC
- Cisco Talos IOC
- Blackorbid APT Report IOC
- AVAST IOC
- DoctorWeb IOC
- BlackLotusLab IOC
- prodaft IOC
- Pr0xylife DarkGate IOC
- Pr0xylife Latrodectus IOC
- Pr0xylife WikiLoader IOC
- Pr0xylife SSLoad IOC
- Pr0xylife Pikabot IOC
- Pr0xylife Matanbuchus IOC
- Pr0xylife QakBot IOC
- Pr0xylife IceID IOC
- Pr0xylife Emotet IOC
- Pr0xylife BumbleBee IOC
- Pr0xylife Gozi IOC
- Pr0xylife NanoCore IOC
- Pr0xylife NetWire IOC
- Pr0xylife AsyncRAT IOC
- Pr0xylife Lokibot IOC
- Pr0xylife RemcosRAT IOC
- Pr0xylife nworm IOC
- Pr0xylife AZORult IOC
- Pr0xylife NetSupportRAT IOC
- Pr0xylife BitRAT IOC
- Pr0xylife BazarLoader IOC
- Pr0xylife SnakeKeylogger IOC
- Pr0xylife njRat IOC
- Pr0xylife Vidar IOC
- Elastic Lab IOC
- Unit42 IOC
- UrlHaus_misp
- UrlHaus
- Cloud Intel IOC
- Pr0xylife Warmcookie IOC
- vx-underground - Great Resource for Samples and Intelligence Reports
- Sekoia IOC
- experiant.ca
- SpamHaus drop.txt
-
Formations
-
SIEM/SOC related:
-
Others
-
TI TTP/Framework/Model/Trackers
- MITRE CAPEC
- MITRE PRE-ATT&CK Techniques
- MITRE CAR
- All MITRE data in xlsx format
- Tools used by threat actor groups - MITRE ATT&CK
- atomic-red-team
- redcanary Threat Detection report
- The-Unified-Kill-Chain
- Tools used by ransomware groups - @BushidoToken
- Tactics - MITRE ATT&CK
- Mitigation - MITRE ATT&CK
- TTP pyramid
- Pyramid of pain
- Cyber Kill chain
- Ransomware.live
-
LAB
-
-
Threat Hunting:
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- ThreatHunting keywords Site
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- PSEXEC & similar tools Searches
- User-Agents Searches
- Windows Services Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- DNS Over HTTPS Searches
- User-Agents Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious TLDs Searches
- Windows Services Searches
- User-Agents Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- PSEXEC & similar tools Searches
- Time Slipping detection
- Phishing & DNSTWIST Searches
- ThreatHunting searches
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Browsers extensions Searches
- C2 hiding in plain sigh
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- Windows Services Searches
- HTML Smuggling artifacts
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- PSEXEC & similar tools Searches
- Time Slipping detection
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Suspicious Named pipes
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- Time Slipping detection
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- Windows Services Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- Time Slipping detection
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- HTML Smuggling artifacts
- PSEXEC & similar tools Searches
- User-Agents Searches
- DNS Over HTTPS Searches
- Suspicious TLDs Searches
- HijackLibs Searches
- Phishing & DNSTWIST Searches
- Time Slipping detection
-
Security News
-
Investigation
-
More TI
-
TI
-
-
Data manipulation
-
Sandbox
-
-
My Detection Lists
Programming Languages
Categories
Sub Categories
Keywords
threat-hunting
15
threat-intelligence
12
security
11
incident-response
11
dfir
10
cybersecurity
9
awesome-list
7
detection-engineering
6
forensics
5
malware
5
detection
5
blueteam
5
windows
5
siem
5
threatintel
5
malware-analysis
4
soc
4
mitre-attack
4
iocs
4
awesome
4
splunk
4
forensic
3
rust
3
threathunting
3
redteam
3
offensive-scripts
3
ioc
3
ransomware
3
digital-forensics
3
endpoint-security
3
yara
3
malware-research
3
osint
3
sigma
3
yara-rules
3
hacktools
3
offensive-security
3
blocklist
3
filterlist
2
purpleteam
2
adblock
2
ttp
2
dns
2
apt
2
adblock-list
2
digitalforensics
2
blacklist
2
linux
2
indicators-of-compromise
2
kape
2