Awesome Open Source
Awesome Open Source
Combined Topics
threat-hunting x

The Top 245 Threat Hunting Open Source Projects

Categories > Security > Threat Hunting
Misp ⭐ 3,791
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
most recent commit 12 hours ago
Sysmon Config ⭐ 3,376
Sysmon configuration file template with default high-quality event tracing
most recent commit 3 months ago
Dnstwist ⭐ 3,272
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
dependent packages 2total releases 12most recent commit a month agopypi dnstwist} Downloads
Threathunter Playbook ⭐ 2,958
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
most recent commit 3 months ago
Helk ⭐ 2,861
The Hunting ELK
most recent commit a year ago
Intelowl ⭐ 2,278
Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
most recent commit 24 days ago
Awesome Yara ⭐ 2,096
A curated list of awesome YARA rules, tools, and people.
most recent commit a month ago
Awesome Threat Detection ⭐ 2,054
A curated list of awesome threat detection and hunting resources
most recent commit 3 months ago
Sysmon Modular ⭐ 1,785
A repository of sysmon configuration modules
most recent commit 13 days ago
Malwoverview ⭐ 1,785
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Malware Bazaar, ThreatFox, Triage and it is able to scan Android devices against VT and HA.
total releases 34most recent commit 2 months ago
Signature Base ⭐ 1,678
Signature base for my scanner tools
most recent commit 4 days ago
Evtx Attack Samples ⭐ 1,642
Windows Events Attack Samples
most recent commit a month ago
Teler ⭐ 1,618
Real-time HTTP Intrusion Detection
total releases 44most recent commit 5 days ago
Yeti ⭐ 1,243
Your Everyday Threat Intelligence
most recent commit 2 months ago
Beagle ⭐ 1,088
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
total releases 7most recent commit 2 months ago
Redhunt Os ⭐ 995
Virtual Machine for Adversary Emulation and Threat Hunting
most recent commit 2 years ago
Sysmontools ⭐ 986
Utilities for Sysmon
most recent commit 10 months ago
Threatpursuit Vm ⭐ 932
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
most recent commit a year ago
Threathunting ⭐ 926
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
most recent commit 13 days ago
Bluespawn ⭐ 912
An Active Defense and EDR software to empower Blue Teams
most recent commit a month ago
Ukraine Cyber Operations ⭐ 806
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
most recent commit 2 days ago
Atomic Threat Coverage ⭐ 740
Actionable analytics designed to combat threats
most recent commit 4 months ago
Sentinel Attack ⭐ 692
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
most recent commit a year ago
Apt Hunter ⭐ 675
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
most recent commit 2 months ago
Watcher ⭐ 585
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
most recent commit 12 days ago
Mihari ⭐ 572
A tool for OSINT based threat hunting
total releases 91most recent commit 10 days ago
Klara ⭐ 572
Kaspersky's GReAT KLara
most recent commit 2 years ago
Fatt ⭐ 555
FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
most recent commit 2 months ago
Threatingestor ⭐ 551
Extract and aggregate threat intelligence.
total releases 10most recent commit a month ago
Auditd Attack ⭐ 533
A Linux Auditd rule set mapped to MITRE's Attack Framework
most recent commit 3 years ago
Cyberthreathunting ⭐ 533
A collection of resources for Threat Hunters - Sponsored by Falcon Guard
most recent commit 4 months ago
Sysmon Config ⭐ 529
Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
most recent commit 3 years ago
Whids ⭐ 525
Open Source EDR for Windows
total releases 19most recent commit 4 days ago
Osint Brazuca ⭐ 511
Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.
most recent commit a month ago
Chameleon ⭐ 469
19 Customizable honeypots for monitoring network traffic, bots activities and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres, MySQL, MSSQL, Elastic and ldap)
most recent commit a month ago
Patrowlmanager ⭐ 457
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
most recent commit 4 months ago
Fcl ⭐ 411
FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
most recent commit a year ago
Vast ⭐ 363
🔮 Visibility Across Space and Time – The network telemetry engine for data-driven security investigations.
dependent packages 3total releases 22most recent commit a day agopypi pyvast} Downloads
Misp Galaxy ⭐ 358
Clusters and elements to attach to MISP events or attributes (like threat actors)
most recent commit 4 days ago
Stalkphish ⭐ 347
StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
most recent commit 2 months ago
Meerkat ⭐ 333
A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
most recent commit 25 days ago
Threathunting Book ⭐ 314
Threat hunting Web Windows AD linux ATT&CK TTPs
most recent commit 13 days ago
Opensquat ⭐ 310
Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
most recent commit 8 days ago
Scrummage ⭐ 304
The Ultimate OSINT and Threat Hunting Framework
most recent commit 2 months ago
Detectionlabelk ⭐ 299
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
most recent commit a year ago
Threathunting ⭐ 290
Tools for hunting for threats.
most recent commit 22 days ago
Adaz ⭐ 280
🔧 Deploy customizable Active Directory labs in Azure - automatically.
most recent commit 3 months ago
Attackdatamap ⭐ 279
A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
most recent commit 2 years ago
Yara Rules ⭐ 261
A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
most recent commit 17 days ago
Osweep ⭐ 237
Don't Just Search OSINT. Sweep It.
most recent commit a year ago
Threatpinchlookup ⭐ 236
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
most recent commit 4 years ago
Threat Hunting And Detection ⭐ 230
Repository for threat hunting and detection queries, tools, etc.
most recent commit 3 months ago
Werdlists ⭐ 229
⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
most recent commit 9 months ago
Adama ⭐ 226
Searches For Threat Hunting and Security Analytics
most recent commit a year ago
Evtx To Mitre Attack ⭐ 225
Set of EVTX samples (>170) mapped to MITRE [email protected] tactic and techniques to measure your SIEM coverage or developed new use cases.
most recent commit 6 days ago
Openuba ⭐ 217
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
most recent commit 2 months ago
Azurehunter ⭐ 216
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
most recent commit 4 months ago
Siem ⭐ 213
SIEM Tactics, Techiques, and Procedures
most recent commit 5 months ago
Threatbus ⭐ 209
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
dependent packages 12total releases 26most recent commit 13 days agopypi threatbus} Downloads
Patrowlengines ⭐ 197
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
most recent commit 2 months ago
Ee Outliers ⭐ 185
Open-source framework to detect outliers in Elasticsearch events
most recent commit 2 months ago
Mindmaps ⭐ 172
#ThreatHunting #DFIR #Malware #Detection Mind Maps
most recent commit 7 months ago
Litmus_test ⭐ 168
Detecting ATT&CK techniques & tactics for Linux
most recent commit 2 years ago
Bearded Avenger ⭐ 162
CIF v3 -- the fastest way to consume threat intelligence
most recent commit 7 months ago
C2intelfeeds ⭐ 159
Automatically created C2 Feeds
most recent commit 4 hours ago
Phishingkithunter ⭐ 157
Find phishing kits which use your brand/organization's files and image.
most recent commit 3 years ago
Kestrel Lang ⭐ 154
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
dependent packages 1total releases 32most recent commit 2 days agopypi kestrel-lang} Downloads
Mthc ⭐ 151
All-in-one bundle of MISP, TheHive and Cortex
most recent commit a month ago
Yara Rules ⭐ 138
Collection of private Yara rules.
most recent commit 2 months ago
Oriana ⭐ 136
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
most recent commit 3 years ago
Fennec ⭐ 125
Artifact collection tool for *nix systems
most recent commit 10 days ago
Patrowlhears ⭐ 122
PatrowlHears - Vulnerability Intelligence Center / Exploits
most recent commit a month ago
Patrowldocs ⭐ 118
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
most recent commit 2 months ago
Analyst Arsenal ⭐ 114
A toolkit for Security Researchers
most recent commit 3 years ago
Microsoft Sentinel 4 Secops ⭐ 111
Microsoft Sentinel 4 SecOps
most recent commit 25 days ago
Gene ⭐ 111
Signature Engine for Windows Event Logs
dependent packages 1total releases 32most recent commit 3 months ago
Dovehawk ⭐ 107
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
most recent commit a year ago
Mindmaps ⭐ 106
🔍 Mindmaps for threat hunting - work in progress.
most recent commit 2 months ago
Subcrawl ⭐ 105
SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data with optional output modules, such as MISP.
most recent commit 2 months ago
Detections ⭐ 98
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.
most recent commit a year ago
Posint ⭐ 95
Gather Open-Source Intelligence using PowerShell.
most recent commit 3 years ago
Thiri Notebook ⭐ 95
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
most recent commit a month ago
Ioc Finder ⭐ 94
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
dependent packages 10total releases 52most recent commit 2 days agopypi ioc-finder} Downloads
Evtx Hunter ⭐ 93
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
most recent commit 6 months ago
Rita J ⭐ 91
Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
most recent commit 4 months ago
Tylium ⭐ 87
Primary data pipelines for intrusion detection, security analytics and threat hunting
most recent commit 5 months ago
Malware Persistence ⭐ 85
Collection of malware persistence and hunting information. Be a persistent persistence hunter!
most recent commit 3 months ago
Raven ⭐ 83
Advanced Cyber Threat Map (Simplified, customizable, responsive)
most recent commit a month ago
Epagneul ⭐ 82
Graph Visualization for windows event logs
most recent commit 3 months ago
Malware Feed ⭐ 82
Bringing you the best of the worst files on the Internet.
most recent commit a year ago
Threathunt ⭐ 70
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
most recent commit 3 years ago
Blue Teaming With Kql ⭐ 68
Repository with Sample KQL Query examples for Threat Hunting
most recent commit 10 months ago
Ioc Explorer ⭐ 66
Explore Indicators of Compromise Automatically
most recent commit 2 years ago
Judge Jury And Executable ⭐ 62
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
most recent commit 5 days ago
Sqhunter ⭐ 60
A simple threat hunting tool based on osquery, Salt Open and Cymon API
most recent commit 5 years ago
Mail_to_misp ⭐ 55
Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
most recent commit 12 days ago
S2an ⭐ 51
S2AN - Mapper of Sigma Rules ➡️ MITRE ATT&CK
most recent commit a year ago
Powergrr ⭐ 51
PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.
most recent commit 2 months ago
Tht ⭐ 46
Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science
most recent commit 24 days ago
Sigma Detection Rules ⭐ 46
Set of SIGMA rules (>250) mapped to MITRE [email protected] tactic and techniques
most recent commit 10 days ago
1-100 of 245 projects
Categories
Advertising 📦 8
All Projects
Application Programming Interfaces 📦 107
Applications 📦 174
Artificial Intelligence 📦 69
Blockchain 📦 66
Build Tools 📦 105
Cloud Computing 📦 68
Code Quality 📦 24
Collaboration 📦 27
Command Line Interface 📦 38
Community 📦 79
Companies 📦 60
Compilers 📦 59
Computer Science 📦 73
Configuration Management 📦 37
Content Management 📦 153
Control Flow 📦 187
Data Formats 📦 72
Data Processing 📦 249
Data Storage 📦 116
Economics 📦 56
Frameworks 📦 178
Games 📦 110
Graphics 📦 92
Hardware 📦 137
Integrated Development Environments 📦 43
Learning Resources 📦 139
Legal 📦 24
Libraries 📦 117
Lists Of Projects 📦 19
Machine Learning 📦 313
Mapping 📦 57
Marketing 📦 15
Mathematics 📦 54
Media 📦 214
Messaging 📦 96
Networking 📦 292
Operating Systems 📦 71
Operations 📦 114
Package Managers 📦 50
Programming Languages 📦 173
Runtime Environments 📦 90
Science 📦 42
Security 📦 343
Social Media 📦 23
Software Architecture 📦 65
Software Development 📦 60
Software Performance 📦 53
Software Quality 📦 115
Text Editors 📦 40
Text Processing 📦 118
User Interface 📦 291
User Interface Components 📦 440
Version Control 📦 26
Virtualization 📦 63
Web Browsers 📦 35
Web Servers 📦 23
Web User Interface 📦 167
Top Programming Languages
Javascript  (1,049,824)
Python  (797,356)
Java  (385,725)
Php  (284,724)
Typescript  (240,386)
C Plus Plus  (236,456)
Ruby  (221,683)
C  (180,529)
Shell  (169,789)
C Sharp  (162,254)
Golang  (156,313)
Swift  (64,741)
R  (57,343)
Objective C  (57,165)
Rust  (56,236)
Dart  (51,596)
Kotlin  (45,616)
Lua  (33,337)
Matlab  (30,918)
Perl  (30,484)
Language  (30,077)
Scala  (28,600)
Haskell  (20,268)
Clojure  (19,072)
Powershell  (18,830)
Bash  (18,606)
Coffeescript  (17,324)
Elixir  (16,578)
Assembly  (14,538)
Processing  (13,302)
Julia  (12,560)
Basic  (10,762)
Flow  (10,528)
Emacs Lisp  (10,376)
Erlang  (9,052)
Scheme  (8,438)
Groovy  (8,435)
Solidity  (7,648)
Ocaml  (6,671)
Pascal  (6,386)
Hack  (6,369)
Lisp  (6,340)
Fortran  (5,489)
Elm  (5,478)
Common Lisp  (5,279)
Dlang  (4,742)
Shell Script  (4,632)
Python Library  (4,450)
Crystal  (4,374)
Scripting  (4,204)
Top Projects
Freecodecamp ⭐ 346,532
996.icu ⭐ 262,320
Free Programming Books ⭐ 233,929
Coding Interview University ⭐ 220,499
Awesome ⭐ 202,760
Vue ⭐ 196,258
Developer Roadmap ⭐ 195,459
Public Apis ⭐ 194,320
React ⭐ 188,629
System Design Primer ⭐ 181,944
Tensorflow ⭐ 165,278
Bootstrap ⭐ 157,589
You Dont Know Js ⭐ 153,649
Cs Notes ⭐ 150,780
Ohmyzsh ⭐ 145,631
Build Your Own X ⭐ 142,363
Javascript Algorithms ⭐ 141,923
Flutter ⭐ 141,034
Python ⭐ 136,366
Gitignore ⭐ 133,520
Linux ⭐ 132,321
Vscode ⭐ 132,171
Awesome Python ⭐ 127,528
Javascript ⭐ 123,498
Javaguide ⭐ 121,736
Python 100 Days ⭐ 117,585
Computer Science ⭐ 113,544
Youtube Dl ⭐ 110,319
Fucking Algorithm ⭐ 106,048
The Art Of Command Line ⭐ 105,874
React Native ⭐ 102,989
Electron ⭐ 101,841
D3 ⭐ 100,901
Go ⭐ 99,607
30 Seconds Of Code ⭐ 95,885
Create React App ⭐ 95,212
Axios ⭐ 93,628
Awesome Selfhosted ⭐ 89,230
Kubernetes ⭐ 88,770
Free Programming Books Zh_cn ⭐ 88,386
Node ⭐ 87,891
Next.js ⭐ 87,275
Terminal ⭐ 83,314
Deno ⭐ 82,648
Three.js ⭐ 82,285
Angular ⭐ 81,568
Awesome Go ⭐ 81,240
Typescript ⭐ 80,958
Ant Design ⭐ 80,459
Material Ui ⭐ 78,683
Privacy | About | Terms | Follow Us On Twitter

Downloads, Dependent Repos, Dependent Packages, Total Releases, Latest Releases data powered by Libraries.io.

Copyright 2018-2022 Awesome Open Source.  All rights reserved.