hunting · GitHub Topics

安全、可靠、简单、免费的企业级蜜罐

Go 4.36 k

6 个月前

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

threat-hunting sysmon hunting-campaigns hypothesis hunting dfir hunter mitre-attack-db mitre

Python 4.24 k

1 年前

Cyb3rWard0g / HELK

The Hunting ELK

hunting elasticsearch kibana logstash hunting-platforms elk elk-stack elastic Docker Jupyter Notebook threat-hunting Apache Spark dockerhub

Jupyter Notebook 3.85 k

1 年前

Security-Onion-Solutions / security-onion

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

intrusion-detection log-management ids nsm hunting dfir

3.09 k

4 年前

Yamato-Security / hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

dfir threat hunting Windows event logs Rust sigma detection attack forensics incident response 安全 Cybersecurity incident-response security-automation threat-hunting

Rust 2.65 k

5 天前

microsoft / Microsoft-365-Defender-Hunting-Queries

Sample queries for Advanced hunting in Microsoft 365 Defender

hunting Cybersecurity sample-code

Jupyter Notebook 2 k

3 年前

FalconForceTeam / FalconFriday

Hunting queries and detections

kql blueteam hunting purpleteam sentinel defender-for-endpoint

804

5 个月前

Yamato-Security / WELA-deprecated

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

dfir log analysis forensics incident response sigma Windows event logs threat hunting timeline

PowerShell 783

2 年前

DefensiveOrigins / AtomicPurpleTeam

Atomic Purple Team Framework and Lifecycle

purpleteam hunting attack attack-defense attack-detection lifecycle famework

294

4 年前

eshlomo1 / Microsoft-Sentinel-SecOps

Microsoft Sentinel SOC Operations

安全 secops siem soc Azure hunting incident-response Microsoft threat-hunting threat-intelligence cloudsecurity

PowerShell 255

1 年前

rastrea2r / rastrea2r

Collecting & Hunting for IOCs with gusto and style

threat hunting IoC (Disambiguation)安全

Python 240

4 年前

jurelou / epagneul

Graph Visualization for windows event logs

安全 forensics forensics-tools threat-hunting hunting evtx blueteam dfir-automation

Python 238

5 个月前

burpheart / hachimi

哈基米一个分布式蜜网系统 | hachimi A Distributed Honeypot System

honeypot hunting 安全

Go 179

5 个月前

wortell / KQL

KQL queries for Advanced Hunting

kql 安全 hunting

173

5 年前

alexverboon / Hunting-Queries-Detection-Rules

KQL Queries. Microsoft Defender, Microsoft Sentinel

detection kql 安全 sentinel dfir hunting Azure azuread

168

18 天前

Pymmdrza / Pyromid

Pyromid For Hack and Cracking Private Key and Address Bitcoin Wallet From Mnemonic [Words - Passphrase]

比特币 crack hunting key private wallet

Python 162

9 个月前

Pymmdrza / Pro2WordBTC

Bitcoin Crack and Hunting Private Key With Mnemonic [HACK] Passphrase 12-24 words and check value of address (transaction & balance)

比特币 btc crack hunting mining

Python 135

2 年前

Yamato-Security / suzaku

Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.

Amazon Web Services Azure detection dfir engineering entra forensics Google 云 hunting id incident log 监控 response 安全 sigma threat

Rust 129

5 天前

lawndoc / AdvancedHuntingQueries

Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.

安全 Cybersecurity kql hunting threat-hunting detection detection-engineering Microsoft microsoft365 defender-for-endpoint defender cyber-security xdr

124

10 个月前

mthcht / ThreatHunting-Keywords-yara-rules

#Awesome#yara detection rules for hunting with the threathunting-keywords project

Awesome Lists blueteam detection-engineering dfir forensics-tools hacktools hunting incident-response offensive-security threat-hunting threat-intelligence yara-rules yara-scanner yara-signatures

YARA 122

1 个月前