threat-hunting
There are 527 repositories under threat-hunting topic.
MISP/MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
elceef/dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
SwiftOnSecurity/sysmon-config
Sysmon configuration file template with default high-quality event tracing
OISF/suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
OTRF/ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Cyb3rWard0g/HELK
The Hunting ELK
0x4D31/awesome-threat-detection
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
InQuest/awesome-yara
A curated list of awesome YARA rules, tools, and people.
intelowlproject/IntelOwl
IntelOwl: manage your Threat Intelligence at scale
kitabisa/teler
Real-time HTTP Intrusion Detection
Security-Onion-Solutions/securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case management. It also includes other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
alexandreborges/malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
WithSecureLabs/chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
olafhartong/sysmon-modular
A repository of sysmon configuration modules
Neo23x0/signature-base
YARA signature and IOC database for my scanners and tools
blackorbird/APT_REPORT
Interesting APT Report Collection And Some Special IOC
sbousseaden/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
Yamato-Security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
yeti-platform/yeti
Your Everyday Threat Intelligence
nshalabi/SysmonTools
Utilities for Sysmon
osintbrazuca/osint-brazuca
Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.
matanolabs/matano
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
yampelo/beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
deepfence/YaraHunter
🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
ION28/BLUESPAWN
An Active Defense and EDR software to empower Blue Teams
StamusNetworks/SELKS
A Suricata based IDS/IPS/NSM distro
ahmedkhlief/APT-Hunter
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
olafhartong/ThreatHunting
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
0xrawsec/whids
Open Source EDR for Windows
netevert/sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Bert-JanP/Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
alvin-tosh/Malware-Exhibit
🚀🚀 This is a 🎇🔥 REAL WORLD🔥 🎇 Malware Collection I have Compiled & analysed by researchers🔥 to understand more about Malware threats😈, analysis and mitigation🧐.
curated-intel/Ukraine-Cyber-Operations
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
osintbrazuca/osint-brazuca-regex
Repositório criado com intuito de reunir expressões regulares dentro do contexto Brasil
ninoseki/mihari
A query aggregator for OSINT based threat hunting
thalesgroup-cert/Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.