Awesome Open Source
Search results for python threat hunting
87 search results found
Dnstwist (⭐ 4,285): Domain name permutation engine for detecting homograph phishing attacks, typosquatting, and brand impersonation.
Intelowl (⭐ 2,995): IntelOwl: manage your threat intelligence at scale.
Malwoverview (⭐ 2,492): Malwoverview is a first-response tool for threat hunting that offers intel from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, AlienVault, Malpedia, Malware Bazaar, ThreatFox, Triage and InQuest, and it can scan Android devices against VirusTotal.
Apt_report (⭐ 2,078): A collection of interesting APT reports and some special IOCs.
Yeti (⭐ 1,568): Your everyday threat intelligence.
Beagle (⭐ 1,171): Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Apt Hunter (⭐ 1,045): APT-Hunter is a threat hunting tool for Windows event logs, built with a purple-team mindset to detect APT movements hidden in the sea of Windows event logs and to decrease the time needed to uncover suspicious activity.
Hunting Queries Detection Rules (⭐ 865): KQL queries for Defender for Endpoint and Azure Sentinel hunting and detection. Out-of-the-box KQL queries for Advanced Hunting, Custom Detection, Analytics Rules and Hunting Rules.
Cyberthreathunting (⭐ 755): A collection of resources for threat hunters - sponsored by Falcon Guard.
Atomic Threat Coverage (⭐ 740): Actionable analytics designed to combat threats.
Threatingestor (⭐ 730): Extract and aggregate threat intelligence.
Fatt (⭐ 622): FATT (fingerprintAllTheThings): a pyshark-based script for extracting network metadata and fingerprints from pcap files and live network traffic.
Stalkphish (⭐ 581): StalkPhish: the phishing-kit stalker, harvesting phishing kits for investigations.
Opensquat (⭐ 576): The openSquat project is an open-source solution for detecting phishing domains and domain squatting. It searches daily for newly registered domains that impersonate legitimate domains.
Scirius (⭐ 552): Scirius is a web application for Suricata ruleset management and threat hunting.
Misp Galaxy (⭐ 455): Clusters and elements to attach to MISP events or attributes (such as threat actors).
Scrummage (⭐ 448): The ultimate OSINT and threat hunting framework.
Open Source Threat Intel Feeds (⭐ 403): This repository contains open-source, freely usable threat intel feeds that can be used without additional requirements. It contains multiple indicator types such as IP, URL, CVE and hash.
Rmeye (⭐ 350): Rmeye (戎码之眼) is a Windows threat monitoring tool based on the ATT&CK model. It effectively detects common unknown and known threats.
Openuba (⭐ 264): A robust and flexible open-source User & Entity Behavior Analytics (UEBA) framework for security analytics. Developed with love by data scientists and security analysts from the cybersecurity industry. [PRE-ALPHA]
Yara Rules (⭐ 261): A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Kestrel Lang (⭐ 258): Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
Patrowlengines (⭐ 240): PatrOwl: open-source, free and scalable security operations orchestration platform.
Threatbus (⭐ 239): 🚌 Threat Bus: a threat intelligence dissemination layer for open-source security tools.
Osweep (⭐ 237): Don't just search OSINT. Sweep it.
C2 Tracker (⭐ 225): Live feed of C2 servers, tools, and botnets.
Stix Shifter (⭐ 204): This project consists of an open-source library allowing software to connect to data repositories using STIX Patterning and return results as STIX Observations.
Sublime Rules (⭐ 198): Sublime rules for email attack detection, prevention, and threat hunting.
Epagneul (⭐ 180): Graph visualization for Windows event logs.
Bearded Avenger (⭐ 176): CIF v3: the fastest way to consume threat intelligence.
Phishingkithunter (⭐ 157): Find phishing kits which use your brand's or organization's files and images.
Patrowlhears (⭐ 150): PatrowlHears: vulnerability intelligence center / exploits.
Ioc Finder (⭐ 144): Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
Oriana (⭐ 136): Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Subcrawl (⭐ 134): SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data with optional output modules, such as MISP.
Infosec And Hacking Scripts (⭐ 118): 🚀 This is a collection of hacking 🔥 and pentesting 🧐 scripts to help with enumeration, OSINT, exploitation and post-exploitation, automated to make hacking easier 🌠. Have fun! 😎
Analyst Arsenal (⭐ 114): A toolkit for security researchers.
Murmurhash (⭐ 101): This little tool calculates the MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Detections (⭐ 98): This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
Thiri Notebook (⭐ 95): The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
Evtx Hunter (⭐ 93): evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Uncoder_io (⭐ 81): An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
Ioc Explorer (⭐ 66): Explore indicators of compromise automatically.
Mail_to_misp (⭐ 65): Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Sqhunter (⭐ 65): A simple threat hunting tool based on osquery, Salt Open and the Cymon API.
Secbert (⭐ 61): A pretrained BERT model for cybersecurity text that has learned cybersecurity knowledge.
Cif V5 (⭐ 56): The FASTEST way to consume threat intel.
Pylirt (⭐ 52): Pylirt: Python Linux Incident Response Toolkit.
Favihunter (⭐ 51): Hunting assets on the internet using favicon hashes.
Threat Hunting With Notebooks (⭐ 47): Repository with sample threat hunting notebooks on security event log data sources.
Rajappan (⭐ 44): An all-in-one project for digital privacy. A step towards a PRIVATE FUTURE.
Sysmonresources (⭐ 40): Consolidation of various resources related to Microsoft Sysmon, plus sample data/logs.
Censys Recon Ng (⭐ 36): recon-ng modules for Censys.
Yara Scanner (⭐ 34): YaraScanner is a file pattern-matching tool based on YARA rules.
Threathunting Keywords Sigma Rules (⭐ 32): Sigma detection rules for hunting with the threathunting-keywords project.
Misp Tools (⭐ 28): Import CrowdStrike threat intelligence into your instance of MISP.
Csirtg Smrt V1 (⭐ 27): The fastest way to consume threat intelligence.
Domaincat (⭐ 26): Domain connectivity analysis tools to analyze aggregate connectivity patterns across a set of domains during security investigations.
Verbose Robot (⭐ 26): The fastest way to consume threat intel.
Infrastructure Tracking Schema (⭐ 22)
Sophos Central Api Connector (⭐ 22): Leverage the Sophos Central API.
Bluelay (⭐ 21): Searches online paste sites for search terms that can indicate a possible data breach.
Akamaru (⭐ 20): Sniffing out well-known threat groups.
Pybinaryedge (⭐ 18): Python 3 wrapper for the BinaryEdge API https://www.binaryedge.io/
Geoipplotter (⭐ 17): GeoIP plotting script written in Python to help security teams draw visualized reports from IP addresses.
Mass Scanning Tools (⭐ 17): Various scripts for mass-scanning engagements of world-facing services.
Domainthreat (⭐ 17): Daily domain monitoring to detect phishing and brand impersonation, with subdomain enumeration and source code scraping.
Chad (⭐ 17): Search Google Dorks like Chad. / Social media takeover tool.
Yafra (⭐ 16): YAFRA is a semi-automated framework for analyzing and representing reports about IT security incidents.
Cs Discovery (⭐ 16): Finding the Cobalt Strike fingerprint on targets via traffic telemetry.
Xn Twist (⭐ 16): Find Unicode (including internationalized) domain squats. https://xntwist.hightower.space/
Amphunt (⭐ 15): Cisco AMP threat hunting scripts.
Firepit (⭐ 15): Firepit: STIX columnar storage.
Hanoman (⭐ 15): Hanoman is a GUI antivirus engine with signature-based detection 🐒
Pyeti (⭐ 15): Python bindings for Yeti's API.
Syspce (⭐ 15): System Processes Correlation Engine.
Utilities (⭐ 14): This repository contains tools used by 401trg.
Aws Threathunting (⭐ 13): Projects for AWS threat hunting.
File_watchtower (⭐ 12): Lightweight file integrity monitoring tool.
Threatintelligence (⭐ 10): Malicious IP source.
Pastebinscrapy (⭐ 10): Threat hunting tool for scraping the latest pastes from Pastebin.
Aisle25 (⭐ 9): Detect leaks in security event logs.
Spyglass (⭐ 9): SpyGlass, the all-in-one tool for a kickass API.
Context Graph Analytics (⭐ 9): Time series knowledge graphs for cybersecurity.
Boxcar (⭐ 9): Processes the Fortune 1000 domains to identify live typo-sites. Saves results into a database for later processing and analysis.
Domain Extractor (⭐ 8): Extract valid or partially valid domain names and IPs from malicious or invalid URLs.
Ioc Matching (⭐ 7): IOC matching for incident responders, threat hunters, detection engineers, and security engineers.
Automation Sig Www (⭐ 7): Automation SIG.
Ail Feeder Leak (⭐ 7): AIL LeakFeeder: a module for the AIL Framework that automates the process of feeding leaked files.
Plast (⭐ 5): Modular command-line threat hunting tool and framework.
Certthreat (⭐ 5): Certificate Transparency log monitoring for brand names and mailing domain names to detect phishing and brand impersonation.
Thethreathuntlibrary (⭐ 5): Library of threat hunts to get any user started!
Packettrail (⭐ 5): Associates netflow data with system processes and logs to syslog.
Copyright 2018-2024 Awesome Open Source. All rights reserved.