Awesome Open Source

Programming Languages

Search results for dfir threat hunting

threat-hunting x

39 search results found

Threathunter Playbook ⭐ 3,826

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

Intelowl ⭐ 2,995

IntelOwl: manage your Threat Intelligence at scale

Chainsaw ⭐ 2,519

Rapidly Search and Hunt through Windows Forensic Artefacts

Sysmon Modular ⭐ 2,364

A repository of sysmon configuration modules

Signature Base ⭐ 2,187

YARA signature and IOC database for my scanners and tools

Evtx Attack Samples ⭐ 2,124

Windows Events Attack Samples

Hayabusa ⭐ 1,800

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Your Everyday Threat Intelligence

Matano ⭐ 1,259

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Beagle ⭐ 1,171

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Threathunting ⭐ 1,088

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

Open Source EDR for Windows

Hunting Queries Detection Rules ⭐ 865

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Cyberthreathunting ⭐ 755

A collection of resources for Threat Hunters - Sponsored by Falcon Guard

Threatingestor ⭐ 730

Extract and aggregate threat intelligence.

Azurehunter ⭐ 626

A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365

Sysmon Config ⭐ 529

Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing

Threat Hunting And Detection ⭐ 509

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

Detectionlabelk ⭐ 299

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

Attackdatamap ⭐ 279

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

Threathunting Keywords ⭐ 252

Awesome list of keywords for Threat Hunting sessions

Threatpinchlookup ⭐ 236

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Mindmaps ⭐ 172

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Artifact collection tool for *nix systems

All-in-one bundle of MISP, TheHive and Cortex

Signature engine for all your logs

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.

Threathunt ⭐ 70

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

Fastfinder ⭐ 34

Incident Response - Fast suspicious file finder

Threathunting Keywords Sigma Rules ⭐ 32

Sigma detection rules for hunting with the threathunting-keywords project

Sigma Engine implementation in TypeScript

Ta Sysmon Deploy ⭐ 24

Deploy and maintain Symon through the Splunk Deployment Sever

Threathunting Keywords Yara Rules ⭐ 17

yara detection rules for hunting with the threathunting-keywords project

Ir_scripts ⭐ 15

incident response scripts

Proof-of-Concept to evade auditd by writing /proc/PID/mem

Threathunting_with_osquery ⭐ 11

Threat Hunting & Incident Investigation with Osquery

Hashlookup Gui ⭐ 10

Provides a multi-platform Graphical User Interface for hashlookup

User_accounts_hunting ⭐ 9

The scrip will help you to find some values info for the user that you need as DFIR

Detect leaks in security event logs.

Packettrail ⭐ 5

Associates netflow data with system processes and logs to syslog

1-39 of 39 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.