Slides
Threat hunting tools
Collection of resources and concepts for threat hunting and detection engineering.
Misc Threat Hunting Resources
372 stars | 33 watching | 61 forks | last commit: almost 2 years ago
Topics: detection-engineering, dfir, mindmap, threat-hunting
Related projects:
| Repository | Description | Stars |
|---|---|---|
| threathuntingproject/threathunting | An informational repository providing resources and knowledge for detecting adversaries in IT environments. | 1,726 |
| a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 861 |
| gossithedog/threathunting | Tools and rules for detecting malicious domain calls in endpoint malware. | 570 |
| inodee/threathunting-spl | Provides Splunk code and prototypes for building rules and queries to detect malicious activity. | 268 |
| olafhartong/threathunting | A Splunk application designed to guide threat hunts by mapping investigations to the MITRE ATT&CK framework. | 1,141 |
| ninoseki/mihari | An aggregator tool for querying multiple services to gather threat intelligence data. | 870 |
| beahunt3r/windows-hunting | A collection of tools and resources to aid Windows threat hunters in identifying common security artifacts. | 347 |
| sapphirex00/threat-hunting | A collection of threat intelligence resources and tools for analyzing APT malware. | 257 |
| miladaslaner/threathunt | A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134 |
| matamorphosis/scrummage | A platform for searching and analyzing publicly available online data to detect potential security threats. | 515 |
| sbousseaden/pcap-attack | A collection of PCAP captures used to demonstrate post-exploitation techniques and threat hunting tactics. | 346 |
| ch33r10/bluespace2021 | A collection of resources and training materials focused on threat hunting and cyber-threat intelligence. | 13 |
| otrf/threathunter-playbook | A community-driven project providing shared detection logic and resources for threat hunting. | 4,045 |
| west-wind/threat-hunting-with-splunk | Provides Splunk queries to detect vulnerability exploitation attempts and subsequent compromise, including threat hunting for MITRE ATT&CK TTPs. | 58 |
| bloodhoundad/bloodhound-tools | Tools and utilities to support the BloodHound threat hunting framework. | 380 |