fl0x2208 / ThreatHunting
An informational repo about hunting for adversaries in your IT environment.
☆14Updated 7 years ago
Alternatives and similar repositories for ThreatHunting:
Users that are interested in ThreatHunting are comparing it to the libraries listed below
- OSSEC Decoder & Rulesets for Sysmon Events☆15Updated 9 years ago
- Python script to pull various IOCs from PDFs☆15Updated 10 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆21Updated 6 years ago
- Various tools and scripts☆43Updated 2 years ago
- Tool to parse SRU database☆24Updated 6 years ago
- Home to the ActorTrackr source code☆24Updated 7 years ago
- ☆9Updated 7 years ago
- Open Development projects for TekDefense☆77Updated 8 years ago
- mindmap created for tools can be used during analysis/investigation☆27Updated 8 years ago
- Validate IOC from MISP ; Export results and iocs to SIEM and sensors using syslog and CEF format☆13Updated 8 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 7 years ago
- RegRipper wrapper for simplified bulk parsing or registry hives☆9Updated 6 years ago
- Use DNS to hunt for threats including DGAs☆14Updated 9 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Updated 7 years ago
- Some IR notes☆73Updated 8 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated 10 months ago
- Cyber Intel Management☆48Updated 6 years ago
- Content Presented or Published in the Public Domain☆11Updated 5 years ago
- Fast incident overview☆39Updated 7 years ago
- Log Examination Tool☆26Updated 8 years ago
- Python script to automatically create sigma rules from The hive observables☆23Updated 5 years ago
- Performs OCR on image files and scans them for matches to YARA rules☆40Updated 6 years ago
- Splunk app for Threat hunting☆15Updated 6 years ago