Helk
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Helk | 3,511 | 2 years ago | 37 | gpl-3.0 | Jupyter Notebook | |||||
| The Hunting ELK | ||||||||||
| Cyberthreathunting | 716 | 13 days ago | gpl-3.0 | Python | ||||||
| A collection of resources for Threat Hunters - Sponsored by Falcon Guard | ||||||||||
| Awesome_threat Hunting | 311 | 3 years ago | ||||||||
| A curated list of the most important and useful resources about Threat Detection,Hunting and Intelligence. | ||||||||||
| Elk Hunting | 39 | 6 years ago | PowerShell | |||||||
| Threat Hunting with ELK Workshop (InfoSecWorld 2017) | ||||||||||
| Elastalertgrouper | 15 | 5 years ago | Python | |||||||
| A feature extension to ease the automation of Threat Hunting with ElastAlert and the ELK Stack | ||||||||||
| Drovorub Hunt | 12 | 3 years ago | mit | Python | ||||||
| A tool to assist with network-based hunting for GRU's Drovorub malware c2 | ||||||||||
| Sysmon Dfir | 10 | 6 years ago | ||||||||
| Sources, configuration and how to detect evil things utilizing Microsoft Sysmon. | ||||||||||
| Awesome Osquery | 8 | 4 years ago | ||||||||
| Osquery Resources | ||||||||||
| Helk | 5 | 5 years ago | bsd-3-clause | Shell | ||||||
| The Hunting ELK高级分析功能的漏洞挖掘平台 https://github.com/Cyb3rWard0g/HELK | ||||||||||
| Active Threat Hunting Using Elk | 1 | 3 years ago | ||||||||
| This is a lab model deployed to carry out threat hunting activities in an enterprise environment using the ELK stack | ||||||||||
Alternatives To HelkSelect To Compare
Alternative Project Comparisons
Readme
HELK
The Hunting ELK or simply the HELK is one of the first open source hunt platforms with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark over an ELK stack. This project was developed primarily for research, but due to its flexible design and core components, it can be deployed in larger environments with the right configurations and scalable infrastructure.
Goals
- Provide an open source hunting platform to the community and share the basics of Threat Hunting.
- Expedite the time it takes to deploy a hunt platform.
- Improve the testing and development of hunting use cases in an easier and more affordable way.
- Enable Data Science capabilities while analyzing data via Apache Spark, GraphFrames & Jupyter Notebooks.
Current Status: Alpha
The project is currently in an alpha stage, which means that the code and the functionality are still changing. We haven't yet tested the system with large data sources and in many scenarios. We invite you to try it and welcome any feedback.
Docs:
Resources
- Welcome to HELK! : Enabling Advanced Analytics Capabilities
- Spark
- Spark Standalone Mode
- Setting up a Pentesting.. I mean, a Threat Hunting Lab - Part 5
- An Integrated API for Mixing Graph and Relational Queries
- Graph queries in Spark SQL
- Graphframes Overview
- Elastic Products
- Elastic Subscriptions
- Elasticsearch Guide
- spujadas elk-docker
- deviantony docker-elk
Author
- Roberto Rodriguez @Cyb3rWard0g @THE_HELK
Current Committers
- Nate Guagenti @neu5ron
License: GPL-3.0
Popular Elk Stack Projects
Popular Hunting Projects
Popular Data Processing Categories
Related Searches
Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Jupyter Notebook
Docker
Elasticsearch
Spark
Elastic
Kibana
Logstash
Elk
Elk Stack
Hunting
Threat Hunting