Dynamic network analysis for malware.
Tools for blue team
Defensive monitoring, detection and response.
95 tools indexed
Runtime security for containers.
Open vulnerability management platform.
Adversary tradecraft detection on Windows.
Osquery-powered device management.
Security advisories + PoCs from Google.
Open log management.
HELK — The Hunting ELK stack.
Windows hardening for high-risk users.
Windows event log threat hunter.
Open-source adversary emulation platform.
Manage threat intel at scale.
Visualize Windows logon events.
Loki — Simple IOC and YARA scanner.
Linux / macOS / Unix security auditor.
MISP — Threat intelligence sharing platform.
Automated adversary emulation.
Microsoft Threat Intelligence in Python.
Malicious-traffic detection system.
Open-source security data lake on AWS.
Nmap — The classic network mapper and port scanner.
Open adversarial exposure validation.
Open cyber threat intelligence platform.
Decentralized, modular honeypot.