Threat-Hunting
Malware toolkit
A collection of threat intelligence resources and tools for analyzing APT malware
Personal compilation of APT malware from whitepaper releases, documents and own research
255 stars
23 watching
55 forks
last commit: almost 6 years ago
Topics: collection, malware, malware-analysis, malware-detection, malware-research, threat-hunting, threat-intelligence, threat-modeling, threat-sharing, yara-rules
Related projects:
Repository | Description | Stars |
---|---|---|
beahunt3r/windows-hunting | A collection of tools and resources to aid Windows threat hunters in identifying common security artifacts. | 347 |
a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 856 |
vxunderground/vx-api | A collection of malicious functionality to aid in malware development | 1,498 |
gossithedog/threathunting | Tools and rules for detecting malicious domain calls in endpoint malware | 568 |
sbousseaden/slides | Collection of resources and concepts for threat hunting and detection engineering. | 372 |
threathuntingproject/threathunting | An informational repository providing resources and knowledge for detecting adversaries in IT environments. | 1,721 |
mhaggis/hunt-detect-prevent | A collection of resources and tools for detecting and preventing malicious activity on Windows systems. | 162 |
ch33r10/bluespace2021 | A collection of resources and training materials focused on threat hunting and cyber-threat intelligence. | 13 |
ninoseki/mihari | An aggregator tool for querying multiple services to gather threat intelligence data. | 863 |
matamorphosis/scrummage | A platform for searching and analyzing publicly available online data to detect potential security threats. | 512 |
threatexpress/domainhunter | Tools for identifying suitable domains for malicious activities. | 1,543 |
west-wind/threat-hunting-with-splunk | Provides Splunk queries to detect vulnerability exploitation attempts and subsequent compromise, including threat hunting for MITRE ATT&CK TTPs. | 57 |
facebook/threatexchange | A set of tools and APIs for content moderation and digital harm mitigation through hashing and signal exchange. | 1,176 |
criticalpathsecurity/zeek-intelligence-feeds | Provides real-time threat intelligence feeds to enhance network security monitoring and analysis. | 343 |
kasperskylab/klara | Helps threat intelligence researchers hunt for new malware by efficiently scanning large collections of files with Yara rules. | 697 |