kestrel-lang
Threat hunt workflow builder
A language and runtime framework for building reusable, composable threat hunting workflows using Python.
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
300 stars
16 watching
51 forks
Language: Python
last commit: 2 months ago
Topics: cybersecurity, hacktoberfest, language, security, security-automation, security-tools, threat, threat-hunting, threat-intelligence, threatintel
Related projects:
| Repository | Description | Stars |
|---|---|---|
| sk4la/plast | A modular threat-hunting tool framework for detecting indicators of compromise in incident-response operations. | 17 |
| a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 856 |
| opensourcesec/forager | A tool for gathering and managing threat intelligence data from various feeds. | 171 |
| matamorphosis/scrummage | A platform for searching and analyzing publicly available online data to detect potential security threats. | 514 |
| otrf/threathunter-playbook | A community-driven project providing shared detection logic and resources for threat hunting. | 4,037 |
| kevthehermit/pastehunter | Automates scanning of publicly hosted pasted data against Yara rules to identify potential security or research threats. | 1,067 |
| thalesgroup-cert/watcher | Automated platform for discovering and analyzing cybersecurity threats targeting an organization. | 868 |
| miladaslaner/threathunt | A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134 |
| threathuntingproject/threathunting | An informational repository providing resources and knowledge for detecting adversaries in IT environments. | 1,722 |
| kunai-project/kunai | A tool designed to bring actionable insights into Linux security monitoring and threat hunting by leveraging eBPF technology. | 397 |
| jpsenior/threataggregator | Automates aggregation of security threat data from various online sources. | 79 |
| inquest/threatingestor | Extracts and aggregates threat intelligence from various sources. | 832 |
| aboutsecurity/rastrea2r | A tool for hunting and tracking Internet of Things (IoT) security threats by collecting and analyzing indicators of compromise (IOCs). | 116 |
| gossithedog/threathunting | Tools and rules for detecting malicious domain calls in endpoint malware. | 568 |
| ptr32void/ostrica | A framework to collect and visualize threat intelligence information from various sources in a flexible and plugin-based architecture. | 309 |