Oriana
Threat analyzer
A tool for analyzing Windows event logs to identify potential security threats and suspicious behavior in corporate environments.
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a web layer to help defenders identify outliers and suspicious behavior in corporate environments.
177 stars
18 watching
32 forks
Language: Python
last commit: over 3 years ago
Linked from 1 awesome list
Tags: dfir, incident-response, threat-hunting
Related projects:
| Repository | Description | Stars |
|---|---|---|
ptr32void/ostrica | A framework to collect and visualize threat intelligence information from various sources in a flexible and plugin-based architecture. | 309 |
a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 861 |
stratosphereips/manati | An open-source tool utilizing machine learning to assist threat analysts in identifying security problems. | 112 |
miladaslaner/threathunt | A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134 |
crits/crits | An analytic tool for cyber threat analysis and malware correlation, providing a platform for researchers to conduct analyses and save results. | 894 |
mike-goodwin/owasp-threat-dragon-desktop | A desktop application that helps users design and manage threat models with automatic threat generation and suggested mitigations. | 596 |
yevh/taac-ai | An AI-driven tool for analyzing service descriptions and identifying security threats. | 117 |
aboutsecurity/rastrea2r | A tool for hunting and tracking Internet of Things (IoT) security threats by collecting and analyzing indicators of compromise (IOCs). | 116 |
sk4la/plast | A modular threat-hunting tool framework for detecting indicators of compromise in incident-response operations. | 17 |
telefonica/attpwn | A tool for simulating and analyzing potential security threats to Microsoft Windows systems using the MITRE ATT&CK framework. | 208 |
mlsecproject/tiq-test | Analyzes threat intelligence feeds using statistical methods and data visualization. | 173 |
svdwi/bluebox | Analyzes and enriches threat intelligence data from various sources to help detect malicious files, URLs, and domains. | 39 |
thehive-project/cortex-analyzers | Develops and stores Cortex analyzers & responders for incident response and threat intelligence. | 437 |
ahmedkhlief/apt-hunter | A tool to analyze Windows event logs for signs of APT attacks and malware activity. | 1,265 |
matamorphosis/scrummage | A platform for searching and analyzing publicly available online data to detect potential security threats. | 515 |