The Wayback Machine - https://web.archive.org/web/20200727093723/https://github.com/topics/threat-hunting
Here are 162 public repositories matching this topic...

MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formerly known as Malware Information Sharing Platform)
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation (Updated Jul 7, 2020; Python)
Sysmon configuration file template with default high-quality event tracing (Updated Jul 27, 2020; Jupyter Notebook)
A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns. (Updated Jun 22, 2020; Python)
A curated list of awesome threat detection and hunting resources
A curated list of awesome YARA rules, tools, and people.
Signature base for my scanner tools (Updated Jul 27, 2020; YARA)
A repository of Sysmon configuration modules (Updated Jul 19, 2020; PowerShell)
Your Everyday Threat Intelligence (Updated Jul 21, 2020; Python)
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. (Updated Dec 3, 2019; Python)
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts (Updated Jul 26, 2020; Python)
A Linux Auditd rule set mapped to MITRE's ATT&CK Framework
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Advanced Sysmon configuration, installer & auto updater with high-quality event tracing (Updated Feb 20, 2019; Batchfile)
An Active Defense and EDR software to empower Blue Teams
FATT / fingerprintAllTheThings - a pyshark-based script for extracting network metadata and fingerprints from pcap files and live network traffic (Updated Nov 4, 2019; Python)
FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Extract and aggregate threat intelligence. (Updated Jul 16, 2020; Python)
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform (Updated Jul 24, 2020; HTML)
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints. (Updated Feb 27, 2020; PowerShell)
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Clusters and elements to attach to MISP events or attributes (like threat actors) (Updated Jul 27, 2020; Python)
A data source assessment on an event level to show potential coverage of the MITRE ATT&CK framework (Updated Nov 8, 2019; PowerShell)
Archive of publicly available threat intel reports (mostly APT reports, but not limited to them).
Personal compilation of APT malware from whitepaper releases, documents and own research
StalkPhish - The phishing kits stalker, harvesting phishing kits for investigations. (Updated Jan 25, 2020; Python)
⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases