TracecatHQ / hunts
Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
10 stars, updated last year
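The following is an added example, not code from the hunts repository. It shows the kind of hunt the repository description refers to, run over a handful of constructed CloudTrail-style records rather than the flaws.cloud dataset, and it uses only the Python standard library instead of Polars so it runs with no dependencies. The principal ARNs, account ID, IP addresses and the SENSITIVE_IAM list are assumptions made for this example.

```python
"""Two hunts over constructed CloudTrail-style records (added example, not hunts repo code):
enumeration (a principal mostly getting authorization failures across many distinct APIs)
and sensitive IAM writes (flagged whether or not the call succeeded)."""
import json
from collections import defaultdict

# IAM write APIs worth flagging; an assumption for this example, not a list from the repo.
SENSITIVE_IAM = {"CreateAccessKey", "CreateUser", "CreateLoginProfile", "AttachUserPolicy",
                 "PutUserPolicy", "AttachRolePolicy", "UpdateAssumeRolePolicy"}
# Services spell authorization failures differently (AccessDenied, AccessDeniedException,
# Client.UnauthorizedOperation), so match on substrings rather than one exact code.
AUTHZ_MARKERS = ("AccessDenied", "Unauthorized")


def _ev(arn, source, name, error=None, params=None, ip="203.0.113.5"):
    """One constructed CloudTrail-shaped record: real field names, made-up values."""
    rec = {"userIdentity": {"type": "IAMUser", "arn": arn, "accountId": "123456789012"},
           "eventTime": "2024-01-01T00:00:00Z", "eventSource": source, "eventName": name,
           "awsRegion": "us-west-2", "sourceIPAddress": ip}
    if error:
        rec["errorCode"] = error
    if params:
        rec["requestParameters"] = params
    return rec


BACKUP = "arn:aws:iam::123456789012:user/backup"  # assumed low-privilege user
ADMIN = "arn:aws:iam::123456789012:user/admin"    # assumed admin user

# Constructed sample log, one JSON record per line (events lifted out of CloudTrail's
# Records[] array). Not data from flaws.cloud.
SAMPLE_LOG = "\n".join(json.dumps(r) for r in [
    _ev(BACKUP, "s3.amazonaws.com", "ListBuckets"),
    _ev(BACKUP, "iam.amazonaws.com", "ListUsers", error="AccessDenied"),
    _ev(BACKUP, "iam.amazonaws.com", "ListRoles", error="AccessDenied"),
    _ev(BACKUP, "ec2.amazonaws.com", "DescribeInstances", error="Client.UnauthorizedOperation"),
    _ev(BACKUP, "iam.amazonaws.com", "GetUser", error="AccessDenied"),
    _ev(BACKUP, "secretsmanager.amazonaws.com", "ListSecrets", error="AccessDeniedException"),
    _ev(BACKUP, "iam.amazonaws.com", "CreateAccessKey", error="AccessDenied",
        params={"userName": "admin"}),
    _ev(ADMIN, "iam.amazonaws.com", "ListUsers"),
    _ev(ADMIN, "s3.amazonaws.com", "GetObject"),
    _ev(ADMIN, "iam.amazonaws.com", "CreateAccessKey", params={"userName": "admin"},
        ip="198.51.100.9"),
    _ev(ADMIN, "ec2.amazonaws.com", "DescribeInstances"),
])


def parse_events(text):
    """Parse newline-delimited CloudTrail JSON records."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def principal(event):
    """Key for who made the call: the identity ARN, falling back to type:account."""
    ident = event.get("userIdentity", {})
    return ident.get("arn") or f"{ident.get('type')}:{ident.get('accountId')}"


def is_authz_error(event):
    """True when errorCode is one of the per-service authorization failures."""
    return any(m in event.get("errorCode", "") for m in AUTHZ_MARKERS)


def hunt_enumeration(events, min_calls=5, min_denied_ratio=0.5):
    """Principals with at least min_calls whose denied fraction reaches the threshold."""
    stats = defaultdict(lambda: {"calls": 0, "denied": 0, "apis": set()})
    for e in events:
        s = stats[principal(e)]
        s["calls"] += 1
        s["apis"].add(e.get("eventName"))
        s["denied"] += int(is_authz_error(e))
    hits = []
    for p, s in stats.items():
        ratio = s["denied"] / s["calls"]
        if s["calls"] >= min_calls and ratio >= min_denied_ratio:
            hits.append({"principal": p, "calls": s["calls"], "denied": s["denied"],
                         "distinct_apis": len(s["apis"]), "denied_ratio": round(ratio, 2)})
    return sorted(hits, key=lambda h: h["denied_ratio"], reverse=True)


def hunt_sensitive_iam(events):
    """Sensitive IAM writes: who, which API, target user, source IP, and whether it worked."""
    return [{"principal": principal(e), "api": e["eventName"],
             "target": (e.get("requestParameters") or {}).get("userName"),
             "succeeded": "errorCode" not in e, "source_ip": e.get("sourceIPAddress")}
            for e in events
            if e.get("eventSource") == "iam.amazonaws.com" and e.get("eventName") in SENSITIVE_IAM]


if __name__ == "__main__":
    evs = parse_events(SAMPLE_LOG)
    for hit in hunt_enumeration(evs) + hunt_sensitive_iam(evs):
        print(hit)
```

On real CloudTrail exports the records sit inside a `Records` array in gzipped JSON files, so the loading step differs, but the two checks stay the same. Note that the denied `CreateAccessKey` attempt is reported alongside the successful one: a low-privilege principal trying to mint keys for another user is the finding, regardless of whether IAM let it through.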
Alternatives and similar repositories for hunts
Users that are interested in hunts are comparing it to the repositories listed below.
- Open-source Fabric templates for cybersecurity and compliance (20 stars, updated 4 months ago)
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma… (16 stars, updated 2 years ago)
- Threat Detection & Anomaly Detection rules for popular open-source components (52 stars, updated 2 years ago)
- Firepit - STIX Columnar Storage (16 stars, updated 11 months ago)
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files. (35 stars, updated 2 years ago)
- No description (11 stars, updated 4 years ago)
- Library of threat hunts to get any user started! (44 stars, updated 4 years ago)
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa… (18 stars, updated 5 years ago)
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… (41 stars, updated 3 weeks ago)
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam. (38 stars, updated last year)
- DNS Dashboard for hunting and identifying beaconing (16 stars, updated 4 years ago)
- Automatic detection engineering technical state compliance (55 stars, updated 10 months ago)
- YARA, SIGMA, SNORT Rules based on Malware Analysis (16 stars, updated last month)
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v… (20 stars, updated last week)
- Sharing Threat Hunting runbooks (25 stars, updated 5 years ago)
- Collection of Jupyter Notebooks for Threat Hunting and Blue Team Purposes (20 stars, updated 2 years ago)
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365 (20 stars, updated 7 months ago)
- Incident Response Report Using GitHub-Sphinx (20 stars, updated 5 years ago)
- SIEM Use Case Selection Methodology (16 stars, updated 4 years ago)
- A web scraper to create MISP events and reports (15 stars, updated last month)
- This repository contains the research and components of our work on using Sigma for AWS Incident Response. (29 stars, updated last year)
- Project to Support The Hunter's Framework (THF) (11 stars, updated last year)
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base (23 stars, updated 3 years ago)
- Workflows for Shuffle (23 stars, updated 2 years ago)
- Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle. (57 stars, updated this week)
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents (43 stars, updated last year)
- No description (11 stars, updated 3 years ago)
- Jupyter Universe is a search engine for all infosec jupyter notebooks (26 stars, updated 2 months ago)
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation (81 stars, updated 2 weeks ago)
- Convert Sigma rules to LogRhythm searches (21 stars, updated 3 years ago)