ThreatHunting

Threat detection resource

An informational repository providing resources and knowledge for detecting adversaries in IT environments.



2k stars
224 watching
377 forks
last commit: about 3 years ago
Linked from 1 awesome list


Related projects:

| Repository | Description | Stars |
|---|---|---|
| a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 861 |
| otrf/threathunter-playbook | A community-driven project providing shared detection logic and resources for threat hunting. | 4,045 |
| sbousseaden/slides | Collection of resources and concepts for threat hunting and detection engineering. | 372 |
| miladaslaner/threathunt | A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134 |
| gossithedog/threathunting | Tools and rules for detecting malicious domain calls in endpoint malware. | 570 |
| matamorphosis/scrummage | A platform for searching and analyzing publicly available online data to detect potential security threats. | 515 |
| ch33r10/bluespace2021 | A collection of resources and training materials focused on threat hunting and cyber-threat intelligence. | 13 |
| ninoseki/mihari | An aggregator tool for querying multiple services to gather threat intelligence data. | 870 |
| sk4la/plast | A modular threat-hunting tool framework for detecting indicators of compromise in incident-response operations. | 17 |
| sapphirex00/threat-hunting | A collection of threat intelligence resources and tools for analyzing APT malware. | 257 |
| redhuntlabs/redhunt-os | A virtual machine designed to emulate adversary attacks and support threat hunting efforts. | 1,249 |
| kunai-project/kunai | An eBPF-based tool for comprehensive Linux event monitoring and analysis. | 403 |
| inquest/threatingestor | Extracts and aggregates threat intelligence from various sources. | 836 |
| threatexpress/domainhunter | Tools for identifying suitable domains for malicious activities. | 1,551 |
| olafhartong/threathunting | A Splunk application designed to guide threat hunts by mapping investigations to the MITRE ATT&CK framework. | 1,141 |