ThreatHunter-Playbook

Threat Hunter

A community-driven project providing shared detection logic and resources for threat hunting

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

GitHub

4k stars
373 watching
812 forks
Language: Python
last commit: 10 months ago
Linked from 4 awesome lists

dfirhunterhuntinghunting-campaignshypothesismitremitre-attack-dbsysmonthreat-hunting

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
threathuntingproject/threathunting An informational repository providing resources and knowledge for detecting adversaries in IT environments. 1,722
a3sal0n/cyberthreathunting A collection of tools and resources for threat hunters to identify and respond to cyber threats. 856
matamorphosis/scrummage A platform for searching and analyzing publicly available online data to detect potential security threats 514
ninoseki/mihari An aggregator tool for querying multiple services to gather threat intelligence data. 866
miladaslaner/threathunt A PowerShell repository to simulate and train threat hunting skills without malicious files. 134
opencybersecurityalliance/kestrel-lang A language and runtime framework for building reusable, composable threat hunting workflows using Python. 300
olafhartong/threathunting A Splunk application designed to guide threat hunts by mapping investigations to the MITRE ATT&CK framework 1,141
inquest/threatingestor Extracts and aggregates threat intelligence from various sources 832
sbousseaden/slides Collection of resources and concepts for threat hunting and detection engineering. 372
otrf/security-datasets Provides a repository of security event datasets to support threat research and analysis 1,609
gossithedog/threathunting Tools and rules for detecting malicious domain calls in endpoint malware 568
aboutsecurity/rastrea2r A tool for hunting and tracking Internet of Things (IoT) security threats by collecting and analyzing indicators of compromise (IOCs) 116
kunai-project/kunai A tool designed to bring actionable insights into Linux security monitoring and threat hunting by leveraging eBPF technology 397
sk4la/plast A modular threat-hunting tool framework for detecting indicators of compromise in incident-response operations. 17
phantomcyber/playbooks Community-developed playbooks and custom functions for Splunk SOAR threat hunting and incident response 474