threathunting

There are 8 repositories under threathunting topic.

IntelOwl
intelowlproject / IntelOwl
IntelOwl: manage your Threat Intelligence at scale
security-tools python threat-intelligence ioc incident-response cyber-threat-intelligence enrichment honeynet osint osint-python threatintel malware-analysis malware-analyzer intel-owl threat-hunting hacktoberfest cyber-security cybersecurity threathunting dfir
Language:Python 3104
alexandreborges / malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
malware virustotal malpedia urlhaus alienvault malshare threathunting malwarebazaar threatfox cybersecurity malware-analysis threat-hunting threatintelligence triage
Language:Python 2701
mandiant / ThreatPursuit-VM
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
cyber threat threatintelligence threathunting intelligence intelligence-analysis data-science analytics malware virtual-machine mandiant fireeye
Language:PowerShell 1191
atomic-threat-coverage
atc-project / atomic-threat-coverage
Actionable analytics designed to combat threats
mitre-attack threat-model threathunting incidentresponse threatintelligence threatdetection
Language:Python 944
AzureHunter
darkquasar / AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
azforensics azure azure-forensics azuresearcher cloud-forensics cybersecurity dfir digital-forensics incident-response powershellv5 threat-hunting threathunting unifiedauditlog
Language:PowerShell 764
tenzir
tenzir / tenzir
Open source security data pipelines.
incident-response threathunting siem soc security dataops investigation pcap secdataops netflow suricata zeek pipelines sigma
Language:C++ 609
MDATP
alexverboon / MDATP
Microsoft Defender XDR - Resource Hub
blogs defender-for-cloud-apps defender-for-endpoint defender-for-identity defender-for-office-365 kql learning microsoft-defender-xdr threathunting
Language:PowerShell 443
GACWR / OpenUBA
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
ueba datascience cybersecurity analytics threathunting tensorflow spark flask information-security siem anomaly-detection uba sklearn security elk elasticsearch machine-learning nodejs user-behaviour react
Language:Python 349
ThreatHunting-Keywords
mthcht / ThreatHunting-Keywords
Awesome list of keywords and artifacts for Threat Hunting sessions
awesome-list blueteam detection-engineering endpoint-security iocs offensive-scripts offensive-security redteam siem soc splunk threat-hunting threat-intelligence threathunting dfir incident-response forensic hacktools sigma-rules elk-stack
Language:HTML 333
Kirtar22 / Litmus_Test
Detecting ATT&CK techniques & tactics for Linux
blue-team defensive-security incident-response linux-hunting mitre-attack red-team security-operations threathunting
Language:Roff 251
AbdulRhmanAlfaifi / Fennec
Artifact collection tool for *nix systems
dfir rust ir threathunting blueteam
Language:Rust 181
Purpleteam
mthcht / Purpleteam
Purpleteam scripts simulation & Detection - trigger events for SOC detections
blueteam detection linux mitre-attack offensive-scripts purpleteam redteam security siem simulation soc tactics techniques windows awesome awesome-list ioc threat-hunting threathunting detection-engineering
Language:PowerShell 120
Viralmaniar / MurMurHash
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
redteam blueteam phishing phishing-detection cybersecurity infosec security-tools redteaming threathunting threat-intelligence threatintel threatintelligence proactive-security murmurhash murmurhash3 blueteaming purpleteam
Language:Python 109
alt3kx / wafaray
Enhance your malware detection with WAF + YARA (WAFARAY)
blueteam blueteaming pentesting security-tools threat-intelligence threathunting waf yara yara-rules
Language:Shell 106
UncoderIO / Uncoder_IO
An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
datalake edr roota siem sigma threathunting translation xdr uncoder uncoderio
Language:Python 103
csirtgadgets / cif-v5
The FASTEST way to consume threat intel.
cif csirtg threathunting threatintel
Language:Python 63
Truvis / SplunkDashboards
Collection of Dashboards for Threat Hunting and more!
splunk splunk-application splunk-enterprise splunk-addon splunk-http splunk-impact-cloud splunk-alerts dashboard dashboards dashboard-templates dashboard-application dashboard-widget threat-intelligence threathunting threat-hunting threatintel audit auditing audit-logs suricata
49
ThreatHunting-Keywords-sigma-rules
mthcht / ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
blueteam detection-engineering detection-rules siem sigma-rules threat-detection threat-hunting threathunting dfir forensicartifacts mitre-attack
Language:Python 41
svch0stz / TheThreatHuntLibrary
Library of threat hunts to get any user started!
hunting mitre hypothesis threat-hunting threathunting cybersecurity
Language:Python 32
HellishPn / Volatility-MM-CS
Volatility MindMap & Cheat Sheet
volatility forensics bluteam threathunting incident-response-tooling mindmap cheatsheet
29
stvetro / HuntWithChatGPT
Tiny proof-of-concept PowerShell script to do threat hunting using ChatGPT (text-davinci-003)
chatgpt dfir forensics ir powershell threathunting
Language:PowerShell 28
eremit4 / Akamaru
Sniffing out well-known threat groups
apt-groups cti python ransomware-resources threat-hunting threat-intelligence hunting mitre-attack sentinelone threathunting threatintel mitre-attack-db ransomlook
Language:Python 27
ecstatic-nobel / Aisle25
Detect leaks in security event logs.
splunk cyber infosec threathunting password-dump dfir entropy windows-security protected-event-logging python data-leak
Language:Python 18
00gxd14g / misp-extractor
This is a simple Python script that connects to a MISP instance and retrieves attributes of specific types (such as IP addresses, URLs, and hashes). The retrieved attributes are then written to separate files.
blueteam cyberintelligence cybersecurity intelligence misp threathunting
Language:Python 17
elceef / yara-rulz
Collection of generic YARA rules
threathunting yara
Language:YARA 14
CertAcademico / IncidentResponseTool
Kit de herramientas para atender un incidente de Ciberseguridad y elementos claves para poder gestionar y analizar artefactos basados en una intrusión informática.
cert ciberseguridad csirt cti dfir incidentresponse threathunting navajasuiza respuesta-incidentes
12
TeMiroYteHasheo / The-Hunters-Framework
Project to Support The Hunter's Framework (THF)
threathunting threat-hunting threat-detection thf cybersecurity cybersecurity-education
11
ManuelBerrueta / BST
🏴‍☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration day to day tasks 😉
security offensivesecurity offensive-security azure dfir incident-response redteam redteam-tools redteaming threat-hunting threathunting applicationsecurity appsec containers kubernetes blueteam cloud
Language:Python 9
N3tworkSec / N3tstatIDS
Lightweight Endpoint Detection & Response (EDR) Framework
n3tstat-ids edr beacon-analysis threathunting apt beacon-hunting apt-detection malware detection
9
buzzer-re / DeepSecurity-2-ATTCK
Pull your DS rules and build a ATT&CK matrix
blueteam deep-security mitre-attack threathunting
Language:Python 7
Richard1611 / RemoteKapeTriage
A powershell tool that automate the remote forensic evidence adquisitions (triage) from Remote windows machines, using KAPE tool.
cybersecurity forensic-analysis forensics incident-response information-gathering information-security kape powershell powershell-script threathunting triage
Language:PowerShell 7
BenjiTrapp / aws-threat-hunting
Short deep dive into Threat Hunting on AWS
aws cloudtrail detection-engineering jupyter-notebook threathunting
Language:Jupyter Notebook 6
xFFninja / happy_threat_hunting
Threat Hunting
detection kql siem sigma-rules threathunting
6
adamsmesher / hunterground
Another Threat Hunting knowledge base :) based on MITRE ATT&CK Matrix
threathunting threat-hunting mitre-attack
4
AndrewRathbun / BeaconHunter
An updated fork of @3lp4tr0n's BeaconHunter. Detect and respond to Cobalt Strike beacons using ETW
cobaltstrike dfir redteam threathunting
Language:C# 4
phishing-hunter / PHOps
Phishing Hunging Operations (PHOps) 🚀
gitops phishing-defense takedown threathunting
Language:YARA 3

threathunting

intelowlproject / IntelOwl

alexandreborges / malwoverview

mandiant / ThreatPursuit-VM

atc-project / atomic-threat-coverage

darkquasar / AzureHunter

tenzir / tenzir

alexverboon / MDATP

GACWR / OpenUBA

mthcht / ThreatHunting-Keywords

Kirtar22 / Litmus_Test

AbdulRhmanAlfaifi / Fennec

mthcht / Purpleteam

Viralmaniar / MurMurHash

alt3kx / wafaray

UncoderIO / Uncoder_IO

csirtgadgets / cif-v5

Truvis / SplunkDashboards

mthcht / ThreatHunting-Keywords-sigma-rules

svch0stz / TheThreatHuntLibrary

HellishPn / Volatility-MM-CS

stvetro / HuntWithChatGPT

eremit4 / Akamaru

ecstatic-nobel / Aisle25

00gxd14g / misp-extractor

elceef / yara-rulz

CertAcademico / IncidentResponseTool

TeMiroYteHasheo / The-Hunters-Framework

ManuelBerrueta / BST

N3tworkSec / N3tstatIDS

buzzer-re / DeepSecurity-2-ATTCK

Richard1611 / RemoteKapeTriage

BenjiTrapp / aws-threat-hunting

xFFninja / happy_threat_hunting

adamsmesher / hunterground

AndrewRathbun / BeaconHunter

phishing-hunter / PHOps