Welcome to our repository of resources for threat hunting! Threat hunting is the proactive search for indicators of compromise (IOCs) on a network, with the goal of detecting and mitigating potential threats before they can cause harm. This repository is intended to provide a comprehensive collection of resources to help anyone interested in threat hunting get started or improve their skills and techniques.
The resources in this repository include APIs, datasets, YouTube videos, GitHub repositories, Medium articles, open source tools, papers, and SANS whitepapers. They cover a range of topics, including machine learning, dynamic malware analysis, and detection in virtual environments.
We hope that these resources will be useful to anyone interested in threat hunting and that they will help you stay up to date on the latest techniques and tools in this rapidly evolving field. Thank you for visiting our repository; we hope you find these resources helpful.
- VirusTotal: https://developers.virustotal.com/reference/overview
- Tanium: https://developer.tanium.com/site/global/home/index.gsp
- https://www.stratosphereips.org/datasets-malware
- https://github.com/CyberScienceLab/Our-Datasets
- https://paperswithcode.com/search?q_meta=&q_type=&q=malware
- https://www.youtube.com/watch?v=vxgo2EUFqdU
- https://www.youtube.com/watch?v=OCTz62fN8OA&list=PLfouvuAjspTpxI8P68vblkcLAtJWKuOxu
- https://www.youtube.com/watch?v=YLgycMCPo4c
- https://github.com/threat-hunting/awesome_Threat-Hunting
- https://github.com/A3sal0n/CyberThreatHunting
- https://github.com/ThreatHuntingProject/ThreatHunting
- https://github.com/OTRF/ThreatHunter-Playbook/tree/master/resources
- https://github.com/Cyb3rWard0g
- https://github.com/williballenthin/python-registry
- https://github.com/mandiant/ShimCacheParser
- https://github.com/target/huntlib
- https://github.com/0x4D31/awesome-threat-detection
- https://github.com/wtsxDev/Machine-Learning-for-Cyber-Security
- https://github.com/jivoi/awesome-ml-for-cybersecurity
- https://github.com/13o-bbr-bbq/machine_learning_security
- https://github.com/sans-blue-team/DeepBlueCLI
- https://github.com/SoulSec/resource-threat-hunting
- https://thehelk.com/installation.html
- https://github.com/fabacab/awesome-cybersecurity-blueteam
- https://github.com/redcanaryco/atomic-red-team
- https://github.com/olafhartong/ThreatHunting
- https://github.com/olafhartong/sysmon-cheatsheet
- https://github.com/cedricbonhomme/pyHIDS
- https://github.com/activecm/threat-hunting-labs/
- https://github.com/sbousseaden
- https://medium.com/@hirensadhwani2619/introduction-to-threat-hunting-8dff62ba52ca
- https://medium.com/@levurge/detecting-mimikatz-with-sysmon-f6a96669747e
- https://medium.com/kminthein/threat-hunter-diary-part-1-hunting-mimikatz-4b24f10a65f4
- https://zeek.org/get-zeek
- https://suricata.io
- https://github.com/MarkBaggett/domain_stats
- https://logz.io/learn/complete-guide-elk-stack
- https://www.winitor.com
- A framework for Effective Threat Hunting
- A Scientific Method-Based Threat Hunting
- The Design of Cyber Threat Hunting Games
- Threat Hunting as a Method of Protection
- Automated Threat Hunting Using ELK
- Data-Driven Threat Hunting Using Sysmon
- Dynamic Malware Analysis and Detection in Virtual Environment
- Applying the Scientific Method to Threat Hunting.pdf
- Building and Maturing Your Threat Hunting Program.pdf
- A Practical Model for Conducting Cyber Threat Hunting.pdf
- How to Build a Threat Hunting Capability in AWS.pdf
- New Tools for Your Threat Hunting Toolbox.pdf
- Thinking like a Hunter.pdf
- Threat Hunting via DNS.pdf
- Threat Hunting with Consistency.pdf
- Detecting the Unknown, A Guide to Threat Hunting.pdf
- Threat Hunting in Uncertain Times.pdf
- Threat Hunting 2020 Survey Results.pdf
- Generating Hypotheses for Successful Threat Hunting.pdf
- Scalable Methods for Conducting Cyber Threat Hunt Operations.pdf
- https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html#
- https://cyberwardog.blogspot.com/
- SANDIKAMIMANIA.pdf
- https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/
- https://www.blackhillsinfosec.com/projects/
- https://app.letsdefend.io/academy/lesson/Detecting-Mimikatz-with-Sysmon
- https://www.systemconf.com/2021/12/28/detecting-mimikatz-with-the-sysmon-tool/
- https://blueteamegy.blogspot.com/2020/05/detecting-mimikatz-from-its-origin-lsass.html
- https://cyberwardog.blogspot.com/2017/03/chronicles-of-threat-hunter-hunting-for_22.html
- https://www.eideon.com/2017-09-09-THL01-Mimikatz
- https://www.hexacorn.com/blog/2019/02/03/can-we-stop-detecting-mimikatz-please