Awesome Open Source
Search results for "dfir threat hunting" (filters: dfir, threat-hunting)
39 search results found
Threathunter Playbook (⭐ 3,826)
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

Intelowl (⭐ 2,995)
IntelOwl: manage your Threat Intelligence at scale

Chainsaw (⭐ 2,519)
Rapidly search and hunt through Windows forensic artefacts

Sysmon Modular (⭐ 2,364)
A repository of Sysmon configuration modules

Signature Base (⭐ 2,187)
YARA signature and IOC database for my scanners and tools

Evtx Attack Samples (⭐ 2,124)
Windows event log (EVTX) attack samples

Hayabusa (⭐ 1,800)
Hayabusa (隼) is a Sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Yeti (⭐ 1,568)
Your Everyday Threat Intelligence

Matano (⭐ 1,259)
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Beagle (⭐ 1,171)
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Threathunting (⭐ 1,088)
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

Whids (⭐ 921)
Open source EDR for Windows

Hunting Queries Detection Rules (⭐ 865)
KQL queries: Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Cyberthreathunting (⭐ 755)
A collection of resources for threat hunters, sponsored by Falcon Guard

Threatingestor (⭐ 730)
Extract and aggregate threat intelligence.

Azurehunter (⭐ 626)
A cloud forensics PowerShell module to run threat hunting playbooks on data from Azure and O365

Sysmon Config (⭐ 529)
Advanced Sysmon configuration, installer & auto-updater with high-quality event tracing

Threat Hunting And Detection (⭐ 509)
Repository for threat hunting and detection queries, etc., for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).

Detectionlabelk (⭐ 299)
DetectionLabELK is a fork of DetectionLab with the ELK stack instead of Splunk.

Attackdatamap (⭐ 279)
A data source assessment at the event level to show potential coverage of the MITRE ATT&CK framework

Threathunting Keywords (⭐ 252)
Awesome list of keywords for threat hunting sessions

Threatpinchlookup (⭐ 236)
Documentation and sharing repository for the ThreatPinch Lookup Chrome & Firefox extension

Mindmaps (⭐ 172)
#ThreatHunting #DFIR #Malware #Detection mind maps

Fennec (⭐ 170)
Artifact collection tool for *nix systems

Mthc (⭐ 154)
All-in-one bundle of MISP, TheHive and Cortex

Gene (⭐ 149)
Signature engine for all your logs

Oriana (⭐ 136)
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a web layer to help defenders identify outliers and suspicious behavior in corporate environments.

Rita J (⭐ 134)
Implementation of RITA (Real Intelligence Threat Analytics) in a Jupyter Notebook with an improved scoring algorithm.

Threathunt (⭐ 70)
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

Fastfinder (⭐ 34)
Incident response: fast suspicious file finder

Threathunting Keywords Sigma Rules (⭐ 32)
Sigma detection rules for hunting with the threathunting-keywords project

Tigma (⭐ 24)
Sigma engine implementation in TypeScript

Ta Sysmon Deploy (⭐ 24)
Deploy and maintain Sysmon through the Splunk Deployment Server

Threathunting Keywords Yara Rules (⭐ 17)
YARA detection rules for hunting with the threathunting-keywords project

Ir_scripts (⭐ 15)
Incident response scripts

Apollon (⭐ 12)
Proof-of-concept to evade auditd by writing /proc/PID/mem

Threathunting_with_osquery (⭐ 11)
Threat hunting & incident investigation with osquery

Hashlookup Gui (⭐ 10)
Provides a multi-platform graphical user interface for hashlookup

User_accounts_hunting (⭐ 9)
The script will help you find some useful information about a user during DFIR

Aisle25 (⭐ 9)
Detect leaks in security event logs.

Packettrail (⭐ 5)
Associates NetFlow data with system processes and logs to syslog
Copyright 2018-2024 Awesome Open Source. All rights reserved.