threathunting

IntelOwl: manage your Threat Intelligence at scale

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Threa...

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well a...

Actionable analytics designed to combat threats

A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365

Tenzir is the data pipeline engine for security teams.

KQL Queries. Microsoft Defender, Microsoft Sentinel

#Awesome#Awesome list of keywords and artifacts for Threat Hunting sessions

#学习与技能提升#MDATP

#计算机科学#A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Indu...

Detecting ATT&CK techniques & tactics for Linux

Artifact collection tool for *nix systems

#Awesome#Purpleteam scripts simulation & Detection - trigger events for SOC detections

An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Enhance your malware detection with WAF + YARA (WAFARAY)

The FASTEST way to consume threat intel.

Collection of Dashboards for Threat Hunting and more!

Sysmon config for both Windows and Linux Devices. Windows one is a bit dated

Sigma detection rules for hunting with the threathunting-keywords project