TracecatHQ / huntsLinks
π»ββοΈ πΉ Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
β13Updated last year
Alternatives and similar repositories for hunts
Users that are interested in hunts are comparing it to the libraries listed below
Sorting:
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The researchβ¦β51Updated 5 months ago
- β11Updated last week
- Convert Sigma rules to SIEM queries, directly in your browser.β96Updated this week
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.β59Updated 3 years ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that maβ¦β16Updated 3 years ago
- Short deep dive into Threat Hunting on AWSβ14Updated 2 years ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.β35Updated 3 years ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Planβ29Updated 3 years ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.β54Updated 2 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translationβ85Updated 5 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proacβ¦β89Updated 2 years ago
- Rules shared by the community from 100 Days of YARA 2025β36Updated 9 months ago
- β98Updated 2 months ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.β52Updated last year
- Automatic detection engineering technical state complianceβ55Updated last year
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)β33Updated last year
- simple webapp for converting sigma rules into siem queries using the pySigma libraryβ51Updated 2 years ago
- Open-source Fabric templates for cybersecurity and complianceβ22Updated 9 months ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposesβ21Updated 3 years ago
- Library of threat hunts to get any user started!β45Updated 5 years ago
- Workflows for Shuffleβ24Updated 3 years ago
- β50Updated last month
- Anvilogic Forgeβ110Updated last month
- Repository that contains a set of purposefully erroneous Yara rules.β59Updated 3 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365β23Updated last year
- A preconfigured Velociraptor triage collectorβ56Updated this week
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry Nβ¦β40Updated 6 months ago
- Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle.β73Updated last week
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.β30Updated 2 years ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.β49Updated 6 months ago