pocket guide for core threat hunting concepts
☆23May 6, 2020Updated 6 years ago
Alternatives and similar repositories for threat-hunting-pocket-guide
Users that are interested in threat-hunting-pocket-guide are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- pocket guide for core detection engineering concepts☆31May 8, 2023Updated 3 years ago
- A project in Golang that will create prefix-based magic MD5 hashes for type juggling.☆21Jul 29, 2018Updated 7 years ago
- RELK -- The Research Elastic Stack (Kafka, Beats, Zookeeper, Logstash, ElasticSearch, Kibana, Spark, & Jupyter -- All in Docker)☆28Nov 7, 2019Updated 6 years ago
- Python script to automatically create sigma rules from The hive observables☆25Mar 17, 2019Updated 7 years ago
- ☆15Sep 24, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Appendix resources for Intrinsec's "Amélioration des capacités de détection" handbook.☆13Mar 26, 2018Updated 8 years ago
- Powershell collection designed to assist in Threat Hunting Windows systems.☆27Apr 13, 2018Updated 8 years ago
- A set of tools for collecting forensic information☆28Apr 4, 2020Updated 6 years ago
- QEMU with rVMI extensions☆25Jul 25, 2017Updated 8 years ago
- A cyber threat intelligence server based on TAXII 2 and written in Golang☆32Sep 19, 2019Updated 6 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆25Mar 27, 2017Updated 9 years ago
- a shared short domain for XSS and other hacks☆32Mar 3, 2022Updated 4 years ago
- Testing/collecting some container breakouts☆94Jul 22, 2019Updated 6 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- certstream + analytics☆11Jan 17, 2020Updated 6 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- A Splunk app with saved reports derived from Sigma rules☆73Apr 24, 2018Updated 8 years ago
- Scripts and rulesets for analysing the Winnti malware☆24Jul 24, 2019Updated 6 years ago
- Repository for my ATT&CK analysis research.☆70May 16, 2019Updated 7 years ago
- provides a Suricata Eve output for Kafka with Suricate Eve plugin☆15Nov 25, 2021Updated 4 years ago
- A tool for studying JavaScript malware.☆15Jun 17, 2026Updated last week
- Threat Hunter's Knowledge Base☆23Dec 27, 2021Updated 4 years ago
- Various public documents, whitepapers and articles about APT campaigns☆55Apr 1, 2016Updated 10 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch)☆18Jun 2, 2021Updated 5 years ago
- A collection of typical false positive indicators☆56Dec 5, 2020Updated 5 years ago
- Terraform modules for Sumo Logic resources☆16Jun 17, 2026Updated last week
- Validates yara rules and tries to repair the broken ones.☆42Sep 5, 2020Updated 5 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Oct 12, 2018Updated 7 years ago
- Expert Investigation Guides☆50Mar 18, 2021Updated 5 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 4 years ago
- Synthesising graphs and simulating things☆10Oct 25, 2022Updated 3 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Dec 14, 2021Updated 4 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- A curated list of awesome YARA rules, tools, and people.☆33Oct 26, 2023Updated 2 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research☆265Feb 7, 2019Updated 7 years ago
- ☆12Jun 4, 2025Updated last year
- ☆351Mar 19, 2021Updated 5 years ago
- A utility to trawl phishing domains and attempt to identify phishing kits as well as other malicious activity☆37Jan 14, 2022Updated 4 years ago
- Providing timelines based on OSINT Reports☆31Jun 21, 2023Updated 3 years ago
- dawg the hallway monitor - monitor operating system changes and analyze introduced attack surface when installing software☆55Nov 14, 2019Updated 6 years ago