TracecatHQ / hunts
Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
☆ 13 · Updated last year
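The repository above hunts through flaws.cloud CloudTrail exports with Polars. The block below is an added example, not code from TracecatHQ/hunts: it shows two hunts of the kind that data supports (a burst of AccessDenied responses from one principal, which is what API enumeration by an under-privileged key looks like, and a sensitive API call from a source IP that principal had not used before). The standard library is used instead of Polars so it runs with no dependencies; the CloudTrail records, account ID, ARNs and IP addresses are constructed for the example, and the set of "sensitive" event names is an assumption you would tune per environment.

```python
"""Two CloudTrail hunts over constructed sample events (added example; plain
Python rather than Polars, so it runs with no third-party packages)."""
import json
from collections import Counter, defaultdict
from datetime import datetime, timezone

# Constructed sample: CloudTrail-shaped records trimmed to the fields the
# hunts use. Account ID 111111111111, the ARNs and the IPs are made up.
# Deliberately out of time order to show that the second hunt sorts first.
SAMPLE_EVENTS = [json.loads(line) for line in '''
{"eventTime":"2024-01-05T09:30:00Z","eventSource":"sts.amazonaws.com","eventName":"AssumeRole","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111111111111:user/admin"},"sourceIPAddress":"192.0.2.4"}
{"eventTime":"2024-01-05T09:00:00Z","eventSource":"ec2.amazonaws.com","eventName":"DescribeInstances","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111111111111:user/admin"},"sourceIPAddress":"192.0.2.4"}
{"eventTime":"2024-01-05T10:00:01Z","eventSource":"sts.amazonaws.com","eventName":"GetCallerIdentity","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111111111111:user/backup"},"sourceIPAddress":"203.0.113.10"}
{"eventTime":"2024-01-05T10:00:05Z","eventSource":"s3.amazonaws.com","eventName":"ListBuckets","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111111111111:user/backup"},"sourceIPAddress":"203.0.113.10","errorCode":"AccessDenied"}
{"eventTime":"2024-01-05T10:00:07Z","eventSource":"ec2.amazonaws.com","eventName":"DescribeInstances","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111111111111:user/backup"},"sourceIPAddress":"203.0.113.10","errorCode":"AccessDenied"}
{"eventTime":"2024-01-05T10:00:09Z","eventSource":"iam.amazonaws.com","eventName":"ListUsers","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111111111111:user/backup"},"sourceIPAddress":"203.0.113.10","errorCode":"AccessDenied"}
{"eventTime":"2024-01-05T10:00:12Z","eventSource":"ec2.amazonaws.com","eventName":"DescribeSnapshots","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111111111111:user/backup"},"sourceIPAddress":"203.0.113.10"}
{"eventTime":"2024-01-05T10:05:00Z","eventSource":"ec2.amazonaws.com","eventName":"ModifySnapshotAttribute","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111111111111:user/backup"},"sourceIPAddress":"198.51.100.7"}
'''.strip().splitlines()]

# Assumed list of API calls worth a closer look whenever they come from an
# unfamiliar address; tune this to the account being hunted.
SENSITIVE_EVENTS = frozenset({
    "AssumeRole", "CreateAccessKey", "ModifySnapshotAttribute", "PutBucketPolicy",
})


def _event_time(event):
    """CloudTrail eventTime is ISO 8601 in UTC with a trailing Z."""
    return datetime.strptime(event["eventTime"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def _principal(event):
    """The calling identity's ARN; unknown for records without one (e.g. some AWS service events)."""
    return event.get("userIdentity", {}).get("arn", "<unknown>")


def access_denied_bursts(events, threshold=3):
    """Principals with at least `threshold` AccessDenied responses.

    A key that is being probed for permissions tends to produce a run of
    denials across several services in a short span; count them per ARN.
    """
    counts = Counter(_principal(e) for e in events if e.get("errorCode") == "AccessDenied")
    return {arn: n for arn, n in counts.items() if n >= threshold}


def sensitive_calls_from_new_ips(events, sensitive=SENSITIVE_EVENTS):
    """Sensitive API calls made from an IP the principal had not used earlier.

    Events are replayed in time order; each principal's baseline is the set
    of source IPs seen in its earlier events. A sensitive call whose IP is
    outside that baseline is reported, then the IP joins the baseline. The
    very first event of a principal is always 'new', which is the intended
    behaviour when there is no history to compare against.
    """
    seen_ips = defaultdict(set)
    hits = []
    for event in sorted(events, key=_event_time):
        arn, ip = _principal(event), event.get("sourceIPAddress", "")
        if event["eventName"] in sensitive and ip not in seen_ips[arn]:
            hits.append((arn, event["eventName"], ip))
        seen_ips[arn].add(ip)
    return hits


if __name__ == "__main__":
    print("AccessDenied bursts:", access_denied_bursts(SAMPLE_EVENTS))
    print("Sensitive calls from new IPs:", sensitive_calls_from_new_ips(SAMPLE_EVENTS))
```

On the constructed sample the first hunt flags the `backup` user (three denials across S3, EC2 and IAM within ten seconds), and the second flags only its `ModifySnapshotAttribute` call from 198.51.100.7; the admin's `AssumeRole` is not reported because the same IP already appears in that principal's earlier event. Against a real export the thresholds and the sensitive-event list are the parts you would tune, and the `sourceIPAddress` baseline should be built from a longer window than the one being hunted.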
Alternatives and similar repositories for hunts
Users who are interested in hunts are comparing it to the repositories listed below.
- Open-source Fabric templates for cybersecurity and compliance ☆ 21 · Updated 7 months ago
- An example of how to deploy a Detection as Code pipeline using Sigma rules, sigmac, GitLab CI, and Splunk ☆ 58 · Updated 3 years ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆ 47 · Updated 3 months ago
- Workflows for Shuffle ☆ 23 · Updated 2 years ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma… ☆ 16 · Updated 3 years ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan ☆ 28 · Updated 3 years ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" JSON files ☆ 35 · Updated 3 years ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response ☆ 29 · Updated 2 years ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients ☆ 45 · Updated 2 weeks ago
- Anvilogic Forge ☆ 107 · Updated last week
- A pySigma wrapper and LangChain toolkit for automatic rule creation/translation ☆ 84 · Updated 3 months ago
- Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle ☆ 67 · Updated this week
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts and subsequent compromise ☆ 66 · Updated last year
- Collects a listing of MITRE ATT&CK techniques, then discovers Splunk ESCU detections for each technique ☆ 67 · Updated last year
- Automatic detection engineering technical state compliance ☆ 55 · Updated last year
- A collection of tips for using MISP ☆ 74 · Updated 8 months ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte… ☆ 78 · Updated 2 months ago
- Simple web app for converting Sigma rules into SIEM queries using the pySigma library ☆ 51 · Updated 2 years ago
- Pocket guide for core detection engineering concepts ☆ 30 · Updated 2 years ago
- This repository hosts community-contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) ☆ 33 · Updated last year
- This repository contains sample log data collected after running adversary simulations in Microsoft 365 ☆ 21 · Updated 10 months ago
- Library of threat hunts to get any user started ☆ 45 · Updated 5 years ago
- A preconfigured Velociraptor triage collector ☆ 55 · Updated this week
- A tool that allows you to document and assess any security automation in your SOC ☆ 47 · Updated 10 months ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N… ☆ 39 · Updated 4 months ago
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more ☆ 12 · Updated 2 weeks ago