TracecatHQ / hunts
Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
☆10 · Updated last year
Alternatives and similar repositories for hunts
Users that are interested in hunts are comparing it to the libraries listed below
- Firepit - STIX Columnar Storage ☆16 · Updated 11 months ago
- Open-source Fabric templates for cybersecurity and compliance ☆20 · Updated 4 months ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files. ☆35 · Updated 2 years ago
- Workflows for Shuffle ☆23 · Updated 2 years ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma… ☆16 · Updated 2 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components ☆52 · Updated 2 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa… ☆18 · Updated 5 years ago
- Library of threat hunts to get any user started! ☆44 · Updated 4 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365 ☆20 · Updated 7 months ago
- Automatic detection engineering technical state compliance ☆55 · Updated 10 months ago
- Repo for Automations and other solutions for Elastic SIEM/Security. ☆18 · Updated 3 years ago
- Jupyter Universe is a search engine for all infosec jupyter notebooks ☆26 · Updated 2 months ago
- Sharing Threat Hunting runbooks ☆25 · Updated 5 years ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v… ☆20 · Updated last week
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents ☆43 · Updated last year
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation ☆81 · Updated 2 weeks ago
- DNS Dashboard for hunting and identifying beaconing ☆16 · Updated 4 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam. ☆38 · Updated last year
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk. ☆57 · Updated 3 years ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆41 · Updated 3 weeks ago
- YARA, SIGMA, SNORT Rules based on Malware Analysis ☆16 · Updated last month
- Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-tech… ☆54 · Updated 2 years ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan ☆28 · Updated 2 years ago
- Chapter 9: Disseminate ☆14 · Updated 7 years ago
- Threat Simulator for Enterprise Networks ☆14 · Updated 3 years ago
- A few quick recipes for those that do not have much time during the day ☆22 · Updated 7 months ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response. ☆29 · Updated last year