Skip to content

darkquasar/cybernethunter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits

cybernethunter

cybernethunter

 
 

integrations/kape_modules

integrations/kape_modules

 
 

licenses

licenses

 
 

samples

samples

 
 

stack/docker

stack/docker

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

anaconda_env_global.yml

anaconda_env_global.yml

 
 

cybernethunter_cli.py

cybernethunter_cli.py

 
 

Repository files navigation

CyberNetHunter

Purpose

CyberNetHunter is a cyber tool stack for the Incident Responder and Threat Hunter. The aim is to integrate tightly with Jupyter Notebooks and facilitate regular tasks that can be tedious during Incidents. The stack aims to include:

  1. A python package (cybernethunter) that can be also used from the commandline
  2. A few docker stacks to complement regular analysis requirements (elk, BlueSpawn, SysmonSearch, Stoq, etc.)
  3. Powershell scripts that can be called from Jupyter to execute triage and analysis tasks in Active Directory environments
  4. Streaming via benthos and kafka for data enrichment

TODO

  1. Add BlueSpawn
  2. Create Jupyter Notebooks with analysis of Boss of the SOC dataset
  3. Add SysmonSearch from JPCert to CyberElastic

About

Cyber Incident Response & Threat Hunting tool stack

Topics

python data-science analysis incident-response cybersecurity threat-hunting jupyter-notebooks cyberhunter

Resources

Readme

License

View license
Activity

Stars

6 stars

Watchers

4 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages