hunting

There are 24 repositories under hunting topic.

• hacklcx / HFish

  安全、可靠、简单、免费的企业级蜜罐

  honeypothunting
  4035

• OTRF / ThreatHunter-Playbook

  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

  dfirhunterhuntinghunting-campaignshypothesismitremitre-attack-dbsysmonthreat-hunting
  Language:Python 3958

• Cyb3rWard0g / HELK

  The Hunting ELK

  dockerdockerhubelasticelasticsearchelkelk-stackhuntinghunting-platformsjupyter-notebookkibanalogstashsparkthreat-hunting
  Language:Jupyter Notebook 3738

• Security-Onion-Solutions / security-onion

  Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

  intrusion-detectionnetwork-security-monitoringlog-managementidsnsmhuntingdfir
  3058

• Yamato-Security / hayabusa

  Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

  attackcybersecuritydetectiondfireventforensicshayabusahuntingincidentincident-responselogsresponserustsecuritysecurity-automationsigmathreatthreat-huntingwindowsyamato
  Language:Rust 2138

• microsoft / Microsoft-365-Defender-Hunting-Queries

  Sample queries for Advanced hunting in Microsoft 365 Defender

  cybersecurityhuntingsample-code
  Language:Jupyter Notebook 1901

• Yamato-Security / WELA

  WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

  dfirloganalysisforensicsincidentresponsesigmawindowseventlogsthreathuntingtimeline
  Language:PowerShell 745

• FalconForceTeam / FalconFriday

  Hunting queries and detections

  blueteamdefender-atpdefender-for-endpointhuntingkqlpurpleteamsentinel
  703

• DefensiveOrigins / AtomicPurpleTeam

  Atomic Purple Team Framework and Lifecycle

  attackattack-defenseattack-detectionfameworkhuntinglifecyclelifecycle-managementpurpleteam
  278

• eshlomo1 / Microsoft-Sentinel-SecOps

  Microsoft Sentinel SOC Operations

  azureazure-sentinelcloudsecurityhuntingincident-responseirmicrosoftmicrosoft-sentinelsecopssecuritysiemsocthreat-huntingthreat-intelligence
  Language:PowerShell 236

• rastrea2r / rastrea2r

  Collecting & Hunting for IOCs with gusto and style

  threathuntingiocsecurity-tools
  Language:Python 235

• jurelou / epagneul

  Graph Visualization for windows event logs

  securitysecurity-toolsforensicsforensics-toolsthreat-huntinghuntingevtxblueteamdfir-automation
  Language:Python 228

• wortell / KQL

  KQL queries for Advanced Hunting

  kqlsecurityhunting
  165
• Pyromid

  Pymmdrza / Pyromid

  Pyromid For Hack and Cracking Private Key and Address Bitcoin Wallet From Mnemonic [Words - Passphrase]

  bitcoincrackhuntingkeymnemonicmnemonic-generatormnemonic-phraseprivatewalletbitcoinprivatekeypyromid
  Language:Python 113
• Pro2WordBTC

  Pymmdrza / Pro2WordBTC

  Bitcoin Crack and Hunting Private Key With Mnemonic [HACK] Passphrase 12-24 words and check value of address (transaction & balance)

  bitcoinbitcoin-walletbtccrackhuntingminingmnemonicprivatekeyhackbitcoin
  Language:Python 106

• lawndoc / AdvancedHuntingQueries

  Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant

  cyber-securitycybersecuritydefenderdefender-atpdefender-for-endpointdetectiondetection-engineeringhuntingkqlkustomicrosoftmicrosoft365securitythreat-huntingxdr
  102

• alexverboon / Hunting-Queries-Detection-Rules

  KQL Queries. Microsoft Defender, Microsoft Sentinel

  detectionkqlsecuritysentineldfirhuntingdefenderforendpointdefenderforidentityazureazureaddefenderxdrentraid
  93

• al0ne / MacCheck

  一个Mac下信息搜集小脚本 主要用于信息搜集/应急响应/检测挖矿进程/异常进程/异常启动项

  huntingmacosshellshell-script
  Language:Shell 74
• ThreatHunting-Keywords-yara-rules

  mthcht / ThreatHunting-Keywords-yara-rules

  yara detection rules for hunting with the threathunting-keywords project

  awesome-listblueteamdetection-engineeringdfirforensics-toolshacktoolshuntingincident-responseoffensive-securitythreat-huntingthreat-intelligenceyara-forensicsyara-rulesyara-scanneryara-signatures
  Language:YARA 73
• MultiCryptoFinderRich

  Pymmdrza / MultiCryptoFinderRich

  Multi Batch Private Key Genereted and Check from Database

  bitcoinethereumprivate-keyprivatekeygeneratorpythonbtccrackdashdogecoinethhuntingtrontrxburteforce
  Language:Python 49

• emrekybs / Douglas-042

  Powershell script to help Speed ​​up Threat hunting incident response processes

  forensic-analysisforensicsincident-responsepowershellthreat-huntingthreat-intelligencehunting
  Language:PowerShell 45

• svch0stz / TheThreatHuntLibrary

  Library of threat hunts to get any user started!

  huntingmitrehypothesisthreat-huntingthreathuntingcybersecurity
  Language:Python 40

• trellix-enterprise / RTS-Queries

  Practical Orientation Of MVISION EDR Query Language

  mvision-edrmvisionrtsreal-time-searchedrhuntingcollectorssocblue-team
  34

• Yara-Rules / r2yara

  r2yara - Module for Yara using radare2 information

  huntingmalwarer2radare2yara
  Language:C 33

• eremit4 / Akamaru

  Sniffing out well-known threat groups

  apt-groupsctihuntingmitre-attackmitre-attack-dbpythonransomlookransomware-resourcessentinelonethreat-huntingthreat-intelligencethreathuntingthreatintel
  Language:Python 28

• ceramicskate0 / SWELF

  Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

  windowseventlogforwarderloggingdotnetlogsdefenselogging-agentlog-forwarderhuntingcybersecuritysiempowershelldetectionwindowseventsanalyticsanalysisevtxlogging-frameworksysmon
  Language:C# 24

• tomwechsler / Threat_Hunting_with_PowerShell

  Security even with a small budget - there is no excuse!

  huntingmicrosoftpowershell
  Language:PowerShell 16

• alyrezo / FindBBP

  Bug Bounty Program Discovery tool, that discovers bug Bounty Program via security.txt file by default and you can use custom dork

  bugbug-bountybug-huntingbugbountybugbounty-toolhackhackerhunting
  Language:Python 15

• joeavanzato / crackdown

  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.

  blueteamdfirforensicsgolanghuntingincident-responsepersistence
  Language:Go 15

• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing

  DNS Dashboard for hunting and identifying beaconing

  dns-dashboardhunting
  14

• 0x802 / LinkSniper

  Spider or repeater to find all links.

  spiderscrawlrepeaterlinksurlsscanhacktoolsbugbountyhuntingsubdomainsubdomain-scanner
  Language:Python 13
• BlueSpace2021

  ch33r10 / BlueSpace2021

  Ekoparty's BlueSpace Keynote November 2021. Shoutout to @plugxor Muchas Gracias!!!

  threat-huntingthreat-intelligencethreat-intelhuntingctihuntcyber-threat-intelligencecyber-threat-hunting
  13

• bobbystacksmash / CMD-DeObfuscator

  A Node.js module for deobfuscating and expanding DOS/BATCH commands.

  malware-analysismalwareincident-responsehuntingbatch
  Language:JavaScript 12
• MixHunter

  Pymmdrza / MixHunter

  MixHunter for crack hack hunting private key ethereum litecoin dash dogecoin

  crackdashdogecoinethereumhackhuntingkeylitecoinprivateprivatekeytoolsmixhunter
  11
• BoosterHunt

  Pymmdrza / BoosterHunt

  Booster Hunting a Powerfull script For Hunting Private Key With CPU Saver MOD

  boosterbitcoinbitcoinaddressbtccheckcpucrackcrackinghunthuntingline-to-lineprivatekeypythonreadlinewallet
  Language:Python 10

• nkleck / gitrax

  Github username search

  githubusernamegithub-apiemailhunting
  Language:Python 8