Tools

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

tirreno is an open-source security framework. Event tracking, threat detection, and risk scoring for any application.

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Web-based dashboard for Fail2Ban log filtering and blocklist control

The pattern matching swiss knife

Bloodhound Reporting for Blue and Purple Teams