Hestat / soc-threat-huntingView external linksLinks
Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
☆26Jul 27, 2020Updated 5 years ago
Alternatives and similar repositories for soc-threat-hunting
Users that are interested in soc-threat-hunting are comparing it to the libraries listed below
Sorting:
- CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, auto…☆10Mar 2, 2021Updated 4 years ago
- Tools for hunting security threats☆12Feb 4, 2020Updated 6 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- Threat Detection System using Hybrid (Machine Learning + Lexical Analysis) learning Approach.☆11May 30, 2017Updated 8 years ago
- Use DNS to hunt for threats including DGAs☆15Jan 4, 2016Updated 10 years ago
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆55Nov 25, 2020Updated 5 years ago
- ☆15Aug 29, 2025Updated 5 months ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 3 years ago
- Quick SOC L1 ticket structure☆40Jun 20, 2019Updated 6 years ago
- Library of threat hunts to get any user started!☆48Sep 4, 2020Updated 5 years ago
- Collection of Malware Lures☆23Oct 8, 2021Updated 4 years ago
- ☆18Oct 20, 2021Updated 4 years ago
- Presentation materials for talks I've given.☆20Oct 14, 2019Updated 6 years ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23May 23, 2022Updated 3 years ago
- A generic security incident response playbook investigating and responding to potential compromises of Okta's internal systems, in the co…☆20Mar 24, 2022Updated 3 years ago
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch)☆19Jun 2, 2021Updated 4 years ago
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.☆25Oct 14, 2024Updated last year
- A curated list of resources to deep dive into the intersection of applied machine learning and threat detection.☆19Sep 23, 2020Updated 5 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆95Apr 13, 2022Updated 3 years ago
- Reference sheet for Threat Hunting Professional Course☆26Mar 10, 2019Updated 6 years ago
- Mirror network traffic from one interface to another on Windows☆25Feb 26, 2020Updated 5 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆57Jan 10, 2018Updated 8 years ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆69Dec 2, 2022Updated 3 years ago
- A CALDERA plugin☆27Jan 28, 2026Updated 2 weeks ago
- A triage data collection script for macOS☆28Nov 27, 2020Updated 5 years ago
- One Day of Python for SaintCon 2022☆11Jan 3, 2023Updated 3 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34May 17, 2021Updated 4 years ago
- Community content for LogRhythm Axon. Includes Dashboards, searches, analytics rules, processing policies and more.☆10Jul 26, 2024Updated last year
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆71Jul 21, 2021Updated 4 years ago
- ☆13Jul 13, 2020Updated 5 years ago
- Cheat sheets for threat hunting, detection and other stuff.☆34Oct 7, 2022Updated 3 years ago
- Detect-X Automated Threat Detection by AI☆32Oct 10, 2019Updated 6 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆39Dec 17, 2025Updated 2 months ago
- Searches for Insider Threat Hunting☆29May 2, 2019Updated 6 years ago
- ☆78Jun 27, 2021Updated 4 years ago
- ☆10Aug 9, 2024Updated last year
- Numerous fork bombs in popular programming langs ...☆10May 25, 2017Updated 8 years ago
- Azure Deployment Templates for Mandiant Managed Huning☆12Jun 1, 2023Updated 2 years ago