Repository intended to allow users to leverage site fingerprints within their environments for threat detection and threat hunting
Updated
Jun 8, 2024
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Automatically created C2 Feeds
🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
Harness the power of Splunk for your investigations
Threat Hunting queries for various attacks
Live Feed of C2 servers, tools, and botnets
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case management. It also includes other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
Sublime rules for email attack detection, prevention, and threat hunting.
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration day to day tasks 😉
Malicious IP source.
Interesting APT Report Collection And Some Special IOC
The Intelligence Analyst's Workstation
Common indicators and methods for detecting hacker activity, covering both endpoints and network traffic; PowerShell and Sysmon are not included. Wishing you a pleasant life in security operations!
A curated list of annual cyber security reports
MISP (core software) - Open Source Threat Intelligence and Sharing Platform