hunting

There are 25 repositories under hunting topic.

• hacklcx / HFish

  安全、可靠、简单、免费的企业级蜜罐

  honeypothunting
  3878

• OTRF / ThreatHunter-Playbook

  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

  threat-huntingsysmonhunting-campaignshypothesishuntingdfirhuntermitre-attack-dbmitre
  Language:Python 3860

• Cyb3rWard0g / HELK

  The Hunting ELK

  huntingelasticsearchkibanalogstashhunting-platformselkelk-stackelasticdockerjupyter-notebookthreat-huntingsparkdockerhub
  Language:Jupyter Notebook 3692

• Security-Onion-Solutions / security-onion

  Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

  intrusion-detectionnetwork-security-monitoringlog-managementidsnsmhuntingdfir
  3057

• Yamato-Security / hayabusa

  Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

  dfirthreathuntingwindowseventlogsrustsigmadetectionattackforensicsincidentresponsehayabusayamatosecuritycybersecurityincident-responsesecurity-automationthreat-hunting
  Language:Rust 1920

• microsoft / Microsoft-365-Defender-Hunting-Queries

  Sample queries for Advanced hunting in Microsoft 365 Defender

  huntingcybersecuritysample-code
  Language:Jupyter Notebook 1847

• Yamato-Security / WELA

  WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

  dfirloganalysisforensicsincidentresponsesigmawindowseventlogsthreathuntingtimeline
  Language:PowerShell 675

• FalconForceTeam / FalconFriday

  Hunting queries and detections

  kqlblueteamhuntingpurpleteamsentineldefender-atpdefender-for-endpoint
  651

• DefensiveOrigins / AtomicPurpleTeam

  Atomic Purple Team Framework and Lifecycle

  purpleteamhuntingattackattack-defenseattack-detectionlifecycle-managementlifecyclefamework
  269

• rastrea2r / rastrea2r

  Collecting & Hunting for IOCs with gusto and style

  threathuntingiocsecurity-tools
  Language:Python 233

• eshlomo1 / Microsoft-Sentinel-SecOps

  Microsoft Sentinel SOC Operations

  azure-sentinelsecuritysecopssiemsocazurehuntingirincident-responsemicrosoftmicrosoft-sentinelthreat-huntingthreat-intelligencecloudsecurity
  Language:PowerShell 228

• jurelou / epagneul

  Graph Visualization for windows event logs

  securitysecurity-toolsforensicsforensics-toolsthreat-huntinghuntingevtxblueteamdfir-automation
  Language:Python 221

• wortell / KQL

  KQL queries for Advanced Hunting

  kqlsecurityhunting
  165
• Pro2WordBTC

  Pymmdrza / Pro2WordBTC

  Bitcoin Crack and Hunting Private Key With Mnemonic [HACK] Passphrase 12-24 words and check value of address (transaction & balance)

  bitcoinbitcoin-walletbtccrackhuntingminingmnemonicprivatekeyhackbitcoin
  Language:Python 94

• lawndoc / AdvancedHuntingQueries

  Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant

  securitycybersecuritykustokqlhuntingthreat-huntingdetectiondetection-engineeringmicrosoftmicrosoft365defender-for-endpointdefenderdefender-atpcyber-securityxdr
  93
• Pyromid

  Pymmdrza / Pyromid

  Pyromid For Hack and Cracking Private Key and Address Bitcoin Wallet From Mnemonic [Words - Passphrase]

  bitcoincrackhuntingkeymnemonicmnemonic-generatormnemonic-phraseprivatewalletbitcoinprivatekeypyromid
  Language:Python 93

• al0ne / MacCheck

  一个Mac下信息搜集小脚本 主要用于信息搜集/应急响应/检测挖矿进程/异常进程/异常启动项

  macosshellshell-scripthunting
  Language:Shell 73

• alexverboon / Hunting-Queries-Detection-Rules

  KQL Queries. Microsoft 365 Defender, Microsoft Sentinel

  detectionkqlsecuritysentineldefender365dfirhuntingdefenderforendpointdefenderforidentityazureazuread
  65
• MultiCryptoFinderRich

  Pymmdrza / MultiCryptoFinderRich

  Multi Batch Private Key Genereted and Check from Database

  bitcoinethereumprivate-keyprivatekeygeneratorpythonbtccrackdashdogecoinethhuntingtrontrxburteforce
  Language:Python 46
• ThreatHunting-Keywords-yara-rules

  mthcht / ThreatHunting-Keywords-yara-rules

  yara detection rules for hunting with the threathunting-keywords project

  awesome-listblueteamdetection-engineeringdfirforensics-toolshacktoolshuntingincident-responseoffensive-securitythreat-huntingthreat-intelligenceyara-forensicsyara-rulesyara-scanneryara-signatures
  Language:YARA 43

• emrekybs / Douglas-042

  Powershell script to help Speed ​​up Threat hunting incident response processes

  forensic-analysisforensicsincident-responsepowershellthreat-huntingthreat-intelligencehunting
  Language:PowerShell 41

• trellix-enterprise / RTS-Queries

  Practical Orientation Of MVISION EDR Query Language

  mvision-edrmvisionrtsreal-time-searchedrhuntingcollectorssocblue-team
  34

• Yara-Rules / r2yara

  r2yara - Module for Yara using radare2 information

  yararadare2r2huntingmalware
  Language:C 33

• svch0stz / TheThreatHuntLibrary

  Library of threat hunts to get any user started!

  huntingmitrehypothesisthreat-huntingthreathuntingcybersecurity
  Language:Python 32

• eremit4 / Akamaru

  Sniffing out well-known threat groups

  apt-groupsctipythonransomware-resourcesthreat-huntingthreat-intelligencehuntingmitre-attacksentinelonethreathuntingthreatintelmitre-attack-dbransomlook
  Language:Python 27

• ceramicskate0 / SWELF

  Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

  windowseventlogforwarderloggingdotnetlogsdefenselogging-agentlog-forwarderhuntingcybersecuritysiempowershelldetectionwindowseventsanalyticsanalysisevtxlogging-frameworksysmon
  Language:C# 23

• alyrezo / FindBBP

  Bug Bounty Program Discovery tool, that discovers bug Bounty Program via security.txt file by default and you can use custom dork

  bugbug-bountybug-huntingbugbountybugbounty-toolhackhackerhunting
  Language:Python 16

• tomwechsler / Threat_Hunting_with_PowerShell

  Security even with a small budget - there is no excuse!

  huntingmicrosoftpowershell
  Language:PowerShell 16

• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing

  DNS Dashboard for hunting and identifying beaconing

  dns-dashboardhunting
  14

• 0x802 / LinkSniper

  Spider or repeater to find all links.

  spiderscrawlrepeaterlinksurlsscanhacktoolsbugbountyhuntingsubdomainsubdomain-scanner
  Language:Python 13
• BlueSpace2021

  ch33r10 / BlueSpace2021

  Ekoparty's BlueSpace Keynote November 2021. Shoutout to @plugxor Muchas Gracias!!!

  threat-huntingthreat-intelligencethreat-intelhuntingctihuntcyber-threat-intelligencecyber-threat-hunting
  13

• joeavanzato / crackdown

  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.

  blueteamdfirforensicsgolanghuntingincident-responsepersistence
  Language:Go 12
• BoosterHunt

  Pymmdrza / BoosterHunt

  Booster Hunting a Powerfull script For Hunting Private Key With CPU Saver MOD

  boosterbitcoinbitcoinaddressbtccheckcpucrackcrackinghunthuntingline-to-lineprivatekeypythonreadlinewallet
  Language:Python 12
• MixHunter

  Pymmdrza / MixHunter

  MixHunter for crack hack hunting private key ethereum litecoin dash dogecoin

  crackdashdogecoinethereumhackhuntingkeylitecoinprivateprivatekeytoolsmixhunter
  12

• bobbystacksmash / CMD-DeObfuscator

  A Node.js module for deobfuscating and expanding DOS/BATCH commands.

  malware-analysismalwareincident-responsehuntingbatch
  Language:JavaScript 11

• nkleck / gitrax

  Github username search

  githubusernamegithub-apiemailhunting
  Language:Python 8