corelight / threat-hunting-guide (☆58, Mar 4, 2022, updated 3 years ago)
Alternatives and similar repositories for threat-hunting-guide
Users that are interested in threat-hunting-guide are comparing it to the libraries listed below
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S… (☆16, Jun 15, 2021, updated 4 years ago)
- Zeek Log Cheatsheets (☆302, Aug 12, 2025, updated 6 months ago)
- Growing collection of Spicy-based protocol and file analyzers for Zeek (☆32, Sep 16, 2024, updated last year)
- A Zeek package that detects Zoom logins and meeting joins (☆12, Apr 15, 2020, updated 5 years ago)
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… (☆38, Aug 18, 2022, updated 3 years ago)
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents (☆51, Apr 25, 2024, updated last year)
- VTC - Velociraptor Timeline Creator (☆19, May 15, 2024, updated last year)
- Collection of Dashboards for Threat Hunting and more! (☆73, Oct 17, 2020, updated 5 years ago)
- Corelight Sensor API command-line client (☆17, Jan 9, 2026, updated last month)
- Collection of walkthroughs on various threat hunting techniques (☆76, Aug 3, 2020, updated 5 years ago)
- Jupyter notebooks for threat hunting (☆60, Mar 26, 2025, updated 10 months ago)
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas. (☆50, Sep 22, 2025, updated 4 months ago)
- Official documentation for TheHive Project applications (☆21, Sep 29, 2023, updated 2 years ago)
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science (☆148, Feb 1, 2026, updated 2 weeks ago)
- This training covers the very basic steps of malware analysis, using several free tools to recognize malware behavior. Si… (☆12, May 25, 2016, updated 9 years ago)
- Hunt for Keywords, Mutexes, Windows Events, Registry Keys, Processes, Scheduled tasks in a Windows Machine (☆22, Dec 8, 2024, updated last year)
- Threat Hunting Malware Infrastructure (☆11, Dec 3, 2023, updated 2 years ago)
- Ripple20 Critical Vulnerabilities - Detection Logic and Signatures (☆12, May 28, 2021, updated 4 years ago)
- Bro Detection Scripts (☆10, Mar 9, 2021, updated 4 years ago)
- ☆42, Sep 16, 2022, updated 3 years ago
- Tools for simulating threats (☆199, Oct 27, 2023, updated 2 years ago)
- Repository of resources for configuring a Red Team SIEM using Elastic (☆101, Jul 10, 2018, updated 7 years ago)
- Zeek package for tracking long connections to report them before they have completed. (☆31, Nov 25, 2025, updated 2 months ago)
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper. (☆117, Nov 28, 2023, updated 2 years ago)
- Tool to perform differential fault analysis attack (DFA) on whiteboxes with external encodings. (☆16, Feb 10, 2023, updated 3 years ago)
- Command-line tool to format and syntax highlight Suricata rules (☆13, Nov 30, 2019, updated 6 years ago)
- PowerShell version of Fail2Ban (☆13, Oct 10, 2019, updated 6 years ago)
- ☆12, Jun 29, 2021, updated 4 years ago
- A collection of CyberChef recipes for use in OSINT investigations (☆14, Jul 2, 2022, updated 3 years ago)
- Athenz is a role-based authorization (RBAC) system for provisioning and configuration (centralized authorization) use cases as well as se… (☆13, Oct 29, 2019, updated 6 years ago)
- SIEGMA - Transform Sigma rules into SIEM consumables (☆159, Mar 10, 2025, updated 11 months ago)
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. (☆158, Nov 30, 2021, updated 4 years ago)
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor (☆80, Sep 13, 2023, updated 2 years ago)
- Quickly generate Suricata rules for IOCs (☆28, Apr 30, 2021, updated 4 years ago)
- ThreatSeeker: Threat Hunting via Windows Event Logs (☆124, May 16, 2023, updated 2 years ago)
- Converts Sigma detection rules to a Splunk alert configuration. (☆12, Jul 1, 2021, updated 4 years ago)
- A simple way of detecting multithreaded exfiltration in Zeek. (☆15, May 1, 2025, updated 9 months ago)
- Vagrant files to create a VirtualBox VM for malware analysis (☆13, Jun 1, 2021, updated 4 years ago)
- Single-threaded epoll-based concurrent bulk whois client (☆31, Oct 31, 2017, updated 8 years ago)