plast
Threat detection framework
A modular threat-hunting tool framework for detecting indicators of compromise in incident-response operations.
Modular command-line threat hunting tool & framework.
17 stars
2 watching
4 forks
Language: Python
last commit: over 4 years ago
Linked from 1 awesome list
aptdigital-forensicsframeworkincident-responseiocpythonpython3threat-huntingyara
inquest/awesome-yaraRelated projects:
| Repository | Description | Stars |
|---|---|---|
 opencybersecurityalliance/kestrel-lang | A language and runtime framework for building reusable, composable threat hunting workflows using Python. | 302 |
 a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 861 |
 threathuntingproject/threathunting | An informational repository providing resources and knowledge for detecting adversaries in IT environments. | 1,726 |
 atc-project/atomic-threat-coverage | A framework for generating actionable analytics to combat threats based on threat modeling and incident response | 975 |
 cred-club/artif | An advanced threat intelligence framework that integrates real-time IP reputation and historical data analysis to identify malicious traffic | 239 |
 matamorphosis/scrummage | A platform for searching and analyzing publicly available online data to detect potential security threats | 515 |
 ptr32void/ostrica | A framework to collect and visualize threat intelligence information from various sources in a flexible and plugin-based architecture. | 309 |
 stratosphereips/manati | An open-source tool utilizing machine learning to assist threat analysts in identifying security problems. | 112 |
 owasp/pytm | Automates threat modeling and documentation for software systems. | 934 |
 sbousseaden/slides | Collection of resources and concepts for threat hunting and detection engineering. | 372 |
 kunai-project/kunai | An eBPF-based tool for comprehensive Linux event monitoring and analysis | 403 |
 anvilogic-forge/armory | A collection of threat detection methodologies and tools to help security teams identify and respond to emerging threats. | 88 |
 west-wind/threat-hunting-with-splunk | Provides Splunk queries to detect vulnerability exploitation attempts and subsequent compromise, including threat hunting for MITRE ATT&CK TTPs | 58 |
 miladaslaner/threathunt | A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134 |
 kevthehermit/pastehunter | Automates scanning of publicly hosted pasted data against Yara rules to identify potential security or research threats. | 1,069 |