Oriana

Threat analyzer

A tool for analyzing Windows event logs to identify potential security threats and suspicious behavior in corporate environments.

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

GitHub

177 stars
18 watching
32 forks
Language: Python
last commit: over 3 years ago
Linked from 1 awesome list

Tags: dfir, incident-response, threat-hunting

Related projects:

Repository | Description | Stars
ptr32void/ostrica | A framework to collect and visualize threat intelligence information from various sources in a flexible and plugin-based architecture. | 308
a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 855
stratosphereips/manati | A tool to assist threat analysts in discovering new security problems using machine learning. | 112
miladaslaner/threathunt | A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134
crits/crits | An analytic tool for cyber threat analysis and malware correlation, providing a platform for researchers to conduct analyses and save results. | 893
mike-goodwin/owasp-threat-dragon-desktop | An application for threat modeling and risk assessment with system diagramming. | 594
yevh/taac-ai | An AI-driven tool for analyzing service descriptions and identifying security threats. | 114
aboutsecurity/rastrea2r | A tool for hunting and tracking Internet of Things (IoT) security threats by collecting and analyzing indicators of compromise (IOCs). | 116
sk4la/plast | A modular threat-hunting tool framework for detecting indicators of compromise in incident-response operations. | 17
telefonica/attpwn | A tool for simulating and analyzing potential security threats to Microsoft Windows systems using the MITRE ATT&CK framework. | 208
mlsecproject/tiq-test | Analyzes threat intelligence feeds using statistical methods and data visualization. | 171
svdwi/bluebox | Analyzes and enriches threat intelligence data from various sources to help detect malicious files, URLs, and domains. | 38
thehive-project/cortex-analyzers | Develops and stores custom analysis tools for digital forensics and threat intelligence. | 434
ahmedkhlief/apt-hunter | A tool to analyze Windows event logs for signs of APT attacks and malware activity. | 1,255
matamorphosis/scrummage | A platform for searching and analyzing publicly available online data to detect potential security threats. | 512