Stars
OhMyPCAP is a FOSS web application for analyzing PCAP files. It uses Suricata to generate security alerts and network metadata (DNS, HTTP, TLS, flows). You can then use the beautiful web interface …
Pivotick is a network graph library to facilitate pivoting.
A curated list of Awesome Threat Intelligence Blogs
A Python library for extracting structured information from unstructured text using LLMs with precise source grounding and interactive visualization.
Production-ready Claude Code plugins from the Ultimate Guide
taylorwalton / talon
Forked from nanocoai/nanoclaw
Autonomous SOC analyst agent for SOCfortress CoPilot — auto-investigates alerts, enriches IOCs, and writes back findings using Claude + local LLMs, with persistent memory and PII-safe SIEM access.
This is an incident response playbook we created for the Vercel April 2026 compromise
An AI-backed threat hunting assistant that aligns to the PEAK framework.
ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.
The open source, no-code MCP Server for AI-Native API Access
A minimal CLI tool for managing and executing SQL queries across multiple databases. Written in Go, made beautiful with BubbleTea
The best-benchmarked open-source AI memory system. And it's free.
MCP server for ServiceNow — 19 tools for incidents, CMDB, update sets. OAuth 2.1+PKCE, Claude Code skills, FastMCP 3.0. Works on any SN version (Tokyo+), no entitlements needed.
A high-performance warninglist lookup engine that checks indicators of compromise (IOCs) against MISP warninglists. It identifies false positives by matching values against 120+ curated lists of kn…
Warning lists to inform users of MISP about potential false-positives or other information in indicators
VICE is a security auditing CLI tool that finds vulnerabilities in your web applications.
GitNexus: The Zero-Server Code Intelligence Engine - GitNexus is a client-side knowledge graph creator that runs entirely in your browser. Drop in a GitHub repo or ZIP file, and get an interactive …
High-performance browser automation bridge and multi-instance orchestrator with advanced stealth injection and real-time dashboard.
Script that uses exiftool and c2pa to identify metadata tags that indicate AI generation
Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.
Browse any app normally. Spectral captures the traffic, understands what each API call does, and generates MCP tools that AI agents can call directly.
A Rust CLI client for the [Cyberbro](https://docs.cyberbro.net) Threat Intel server
Collection of OSINT tools, best practices and reference material
CLI proxy that reduces LLM token consumption by 60-90% on common dev commands. Single Rust binary, zero dependencies
Unofficial Python API and agentic skill for Google NotebookLM. Full programmatic access to NotebookLM's features—including capabilities the web UI doesn't expose—via Python, CLI, and AI agents like…
A web-based interface to a Cisco Threat Intel API instance





