Alternatives To Helk
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
2 years ago37gpl-3.0Jupyter Notebook
The Hunting ELK
13 days agogpl-3.0Python
A collection of resources for Threat Hunters - Sponsored by Falcon Guard
Awesome_threat Hunting311
3 years ago
A curated list of the most important and useful resources about Threat Detection,Hunting and Intelligence.
Elk Hunting39
6 years agoPowerShell
Threat Hunting with ELK Workshop (InfoSecWorld 2017)
5 years agoPython
A feature extension to ease the automation of Threat Hunting with ElastAlert and the ELK Stack
Drovorub Hunt12
3 years agomitPython
A tool to assist with network-based hunting for GRU's Drovorub malware c2
Sysmon Dfir10
6 years ago
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
Awesome Osquery8
4 years ago
Osquery Resources
5 years agobsd-3-clauseShell
The Hunting ELK高级分析功能的漏洞挖掘平台
Active Threat Hunting Using Elk1
3 years ago
This is a lab model deployed to carry out threat hunting activities in an enterprise environment using the ELK stack
Alternatives To Helk
Select To Compare

Alternative Project Comparisons


License: GPL v3 GitHub issues-closed Twitter Open Source Love stability-alpha

The Hunting ELK or simply the HELK is one of the first open source hunt platforms with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark over an ELK stack. This project was developed primarily for research, but due to its flexible design and core components, it can be deployed in larger environments with the right configurations and scalable infrastructure.


  • Provide an open source hunting platform to the community and share the basics of Threat Hunting.
  • Expedite the time it takes to deploy a hunt platform.
  • Improve the testing and development of hunting use cases in an easier and more affordable way.
  • Enable Data Science capabilities while analyzing data via Apache Spark, GraphFrames & Jupyter Notebooks.

Current Status: Alpha

The project is currently in an alpha stage, which means that the code and the functionality are still changing. We haven't yet tested the system with large data sources and in many scenarios. We invite you to try it and welcome any feedback.




Current Committers

License: GPL-3.0

HELK's GNU General Public License

Popular Elk Stack Projects
Popular Hunting Projects
Popular Data Processing Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Jupyter Notebook
Elk Stack
Threat Hunting