threathunting

There are 52 repositories under threathunting topic.

intelowlproject/IntelOwl
IntelOwl: manage your Threat Intelligence at scale
Language:Python3.2k 75 571396
alexandreborges/malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
Language:Python2.8k 117 29417
mandiant/ThreatPursuit-VM
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
Language:PowerShell1.2k 70 39241
atc-project/atomic-threat-coverage
Actionable analytics designed to combat threats
Language:Python950 56 100159
darkquasar/AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
Language:PowerShell765 21 384
tenzir/tenzir
Open source security data pipelines.
Language:C++622 35 085
alexverboon/MDATP
Microsoft Defender XDR - Resource Hub
Language:PowerShell450 33 659
mthcht/ThreatHunting-Keywords
Awesome list of keywords and artifacts for Threat Hunting sessions
Language:HTML359 7 840
GACWR/OpenUBA
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
Language:Python358 31 22210
Kirtar22/Litmus_Test
Detecting ATT&CK techniques & tactics for Linux
Language:Roff251 19 156
AbdulRhmanAlfaifi/Fennec
Artifact collection tool for *nix systems
Language:Rust182 5 1121
mthcht/Purpleteam
Purpleteam scripts simulation & Detection - trigger events for SOC detections
Language:PowerShell127 8 114
Viralmaniar/MurMurHash
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Language:Python112 4 017
UncoderIO/Uncoder_IO
An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
Language:Python109 11 821
alt3kx/wafaray
Enhance your malware detection with WAF + YARA (WAFARAY)
Language:Shell106 5 213
csirtgadgets/cif-v5
The FASTEST way to consume threat intel.
Language:Python61 7 1511
Truvis/SplunkDashboards
Collection of Dashboards for Threat Hunting and more!
50 7 011
mthcht/ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
Language:Python41 2 04
svch0stz/TheThreatHuntLibrary
Library of threat hunts to get any user started!
Language:Python40 5 04
victorpreston/HackLab
Welcome to HackLab, your go-to resource for hands-on cybersecurity projects. This repository is a collection of step-by-step projects designed to enhance your understanding of various cybersecurity concepts, techniques, and tools.
Language:Python30 2 05
HellishPn/Volatility-MM-CS
Volatility MindMap & Cheat Sheet
29 2 18
stvetro/HuntWithChatGPT
Tiny proof-of-concept PowerShell script to do threat hunting using ChatGPT (text-davinci-003)
Language:PowerShell28 2 07
eremit4/Akamaru
Sniffing out well-known threat groups
Language:Python27 4 11
ecstatic-nobel/Aisle25
Detect leaks in security event logs.
Language:Python18 1 00
00gxd14g/misp-extractor
This is a simple Python script that connects to a MISP instance and retrieves attributes of specific types (such as IP addresses, URLs, and hashes). The retrieved attributes are then written to separate files.
Language:Python16 1 12
elceef/yara-rulz
Collection of generic YARA rules
Language:YARA14 3 01
CertAcademico/IncidentResponseTool
Kit de herramientas para atender un incidente de Ciberseguridad y elementos claves para poder gestionar y analizar artefactos basados en una intrusión informática.
12 1 06
TeMiroYteHasheo/The-Hunters-Framework
Project to Support The Hunter's Framework (THF)
11 3 03
ManuelBerrueta/BST
🏴‍☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration day to day tasks 😉
Language:Python9 3 00
N3tworkSec/N3tstatIDS
Lightweight Endpoint Detection & Response (EDR) Framework
9 4 05
buzzer-re/DeepSecurity-2-ATTCK
Pull your DS rules and build a ATT&CK matrix
Language:Python7 2 13
Richard1611/RemoteKapeTriage
A powershell tool that automate the remote forensic evidence adquisitions (triage) from Remote windows machines, using KAPE tool.
Language:PowerShell7 2 01
BenjiTrapp/aws-threat-hunting
Short deep dive into Threat Hunting on AWS
Language:Jupyter Notebook6 1 01
xFFninja/happy_threat_hunting
Threat Hunting
6 2 01
adamsmesher/hunterground
Another Threat Hunting knowledge base :) based on MITRE ATT&CK Matrix
4 1 00
AndrewRathbun/BeaconHunter
An updated fork of @3lp4tr0n's BeaconHunter. Detect and respond to Cobalt Strike beacons using ETW
Language:C#4 1 01

threathunting

intelowlproject/IntelOwl

alexandreborges/malwoverview

mandiant/ThreatPursuit-VM

atc-project/atomic-threat-coverage

darkquasar/AzureHunter

tenzir/tenzir

alexverboon/MDATP

mthcht/ThreatHunting-Keywords

GACWR/OpenUBA

Kirtar22/Litmus_Test

AbdulRhmanAlfaifi/Fennec

mthcht/Purpleteam

Viralmaniar/MurMurHash

UncoderIO/Uncoder_IO

alt3kx/wafaray

csirtgadgets/cif-v5

Truvis/SplunkDashboards

mthcht/ThreatHunting-Keywords-sigma-rules

svch0stz/TheThreatHuntLibrary

victorpreston/HackLab

HellishPn/Volatility-MM-CS

stvetro/HuntWithChatGPT

eremit4/Akamaru

ecstatic-nobel/Aisle25

00gxd14g/misp-extractor

elceef/yara-rulz

CertAcademico/IncidentResponseTool

TeMiroYteHasheo/The-Hunters-Framework

ManuelBerrueta/BST

N3tworkSec/N3tstatIDS

buzzer-re/DeepSecurity-2-ATTCK

Richard1611/RemoteKapeTriage

BenjiTrapp/aws-threat-hunting

xFFninja/happy_threat_hunting

adamsmesher/hunterground

AndrewRathbun/BeaconHunter