☆59Mar 4, 2022Updated 4 years ago
Alternatives and similar repositories for threat-hunting-guide
Users that are interested in threat-hunting-guide are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Jun 15, 2021Updated 5 years ago
- A Zeek package that detects Zoom logins and meeting joins☆12Apr 15, 2020Updated 6 years ago
- Corelight Sensor API command-line client☆17Jan 9, 2026Updated 6 months ago
- Zeek Log Cheatsheets☆308Aug 12, 2025Updated 10 months ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆32Sep 16, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Bro Detection Scripts☆10Mar 9, 2021Updated 5 years ago
- Zeek package for tracking long connections to report them before they have completed.☆31Nov 25, 2025Updated 7 months ago
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science☆155Jul 1, 2026Updated last week
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆40Aug 18, 2022Updated 3 years ago
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Dec 8, 2024Updated last year
- Official documentation for TheHive Project applications☆21Sep 29, 2023Updated 2 years ago
- Collection of walkthroughs on various threat hunting techniques☆78Aug 3, 2020Updated 5 years ago
- ☆17Mar 24, 2026Updated 3 months ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆52Apr 25, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- PowerShell version of Fail2Ban☆14Oct 10, 2019Updated 6 years ago
- Ripple20 Critical Vulnerabilities - Detection Logic and Signatures☆12May 28, 2021Updated 5 years ago
- Tools for simulating threats☆202Oct 27, 2023Updated 2 years ago
- Bro analyzer that detects Google's QUIC protocol☆11Mar 2, 2021Updated 5 years ago
- Kafka connector to sync Zed lakes to and from Kafka topics☆18Dec 4, 2025Updated 7 months ago
- Collection of Dashboards for Threat Hunting and more!☆76Oct 17, 2020Updated 5 years ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆55May 11, 2026Updated last month
- Kerberos Haters Guide to Zeek Threat Hunting☆34Oct 14, 2021Updated 4 years ago
- A tool for detecting sensitive data in code repositories☆18Updated this week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Jupyter notebooks for threat hunting☆62May 16, 2026Updated last month
- A simple way of detecting multithreaded exfiltration in Zeek.☆15May 1, 2025Updated last year
- ☆62Updated this week
- SANS Hunting on the Cheap☆36Apr 12, 2016Updated 10 years ago
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆197Sep 23, 2024Updated last year
- A CLI tool for managing Chronicle user workflows☆18Apr 13, 2026Updated 2 months ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 5 years ago
- Zeek package to create JSON formatted logs to stream into data analysis systems.☆31Dec 3, 2025Updated 7 months ago
- Various AD tools needed for penetration testing in one place.☆25Jul 13, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Top DNS Measurement for Bro☆10Aug 22, 2020Updated 5 years ago
- setup zeek, previously Bro IDS☆17Updated this week
- VTC - Velociraptor Timeline Creator☆19May 15, 2024Updated 2 years ago
- In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…☆12May 25, 2016Updated 10 years ago
- Repository of resources for configuring a Red Team SIEM using Elastic☆103Jul 10, 2018Updated 7 years ago
- Challenge Python☆19Apr 26, 2023Updated 3 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Dec 16, 2023Updated 2 years ago