Open source security data pipelines.
Updated Jul 16, 2024 - C++
An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
Kusto Conference
Malwoverview is a first-response tool used for threat hunting. It offers intel information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, AlienVault, Malpedia, Malware Bazaar, ThreatFox, Triage and InQuest, and it is able to scan Android devices against VT.
Awesome list of keywords and artifacts for Threat Hunting sessions
🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration tasks 😉
IntelOwl: manage your Threat Intelligence at scale
Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
Sigma detection rules for hunting with the threathunting-keywords project
Purpleteam scripts simulation & Detection - trigger events for SOC detections
This repository contains security detection rules I've created, using the flexible and open Sigma standard, designed to enhance consistency and efficiency in security operations across various log files.
Microsoft Defender XDR - Resource Hub
An updated fork of @3lp4tr0n's BeaconHunter. Detect and respond to Cobalt Strike beacons using ETW
Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IOC and monitoring.
A robust and flexible open source User & Entity Behavior Analytics (UEBA) framework used for security analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
✨ I am maintaining this blog with https://beautifuljekyll.com
Project to Support The Hunter's Framework (THF)
THAMARA - Threat Hunting with AMSI and YARA
Toolkit for responding to a cybersecurity incident, with key elements for managing and analyzing artifacts from a computer intrusion.