A Python library to help with some common threat hunting data analysis operations
☆142Apr 23, 2023Updated 2 years ago
Alternatives and similar repositories for huntlib
Users that are interested in huntlib are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Python script to automatically create sigma rules from The hive observables☆25Mar 17, 2019Updated 7 years ago
- InvestigationPlaybookSpec☆71Sep 26, 2017Updated 8 years ago
- Repository containing Jupyter Notebooks for working with OSQuery tables and data☆17May 8, 2020Updated 5 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆251Jul 19, 2021Updated 4 years ago
- Open Source Security Events Metadata (OSSEM)☆1,289Feb 27, 2023Updated 3 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- ☆14May 30, 2018Updated 7 years ago
- Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes…☆13Dec 7, 2022Updated 3 years ago
- A collection of notebooks built for defensive and offensive operations.☆77Oct 13, 2020Updated 5 years ago
- Signature engine for all your logs☆173Nov 13, 2023Updated 2 years ago
- Searches For Threat Hunting and Security Analytics☆239Mar 26, 2025Updated last year
- Useful Powershell Tools for operating or testing Infocyte HUNT☆19Jan 10, 2025Updated last year
- ☆25Aug 14, 2015Updated 10 years ago
- EventList☆378Mar 21, 2021Updated 5 years ago
- An open source framework for enterprise level automated analysis.☆394Jun 27, 2022Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Firepit - STIX Columnar Storage☆18Jun 5, 2024Updated last year
- Bro/Zeek integration with osquery☆93Nov 2, 2020Updated 5 years ago
- Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.☆20Oct 24, 2018Updated 7 years ago
- Automated, Collection, and Enrichment Platform☆326Nov 14, 2019Updated 6 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,176Jul 26, 2023Updated 2 years ago
- Splunk Boss of the SOC v1 data set.☆113Jun 13, 2018Updated 7 years ago
- Analyst tool for creating pivot maps of data sources☆16Sep 11, 2017Updated 8 years ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- Reconstruct process trees from event logs☆148Aug 12, 2020Updated 5 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Threat Alert Logic Repository☆93Feb 7, 2019Updated 7 years ago
- Windows Events Attack Samples☆2,541Jan 24, 2023Updated 3 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆506Oct 21, 2022Updated 3 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Bro, Moloch☆61Feb 20, 2017Updated 9 years ago
- Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers☆93Oct 15, 2017Updated 8 years ago
- File Scanning Framework☆295Sep 15, 2021Updated 4 years ago
- Expert Investigation Guides☆51Mar 18, 2021Updated 5 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆176Jun 10, 2021Updated 4 years ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆51Sep 22, 2025Updated 6 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- An Elasticsearch QUEry Language☆57Jul 3, 2017Updated 8 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Oct 31, 2018Updated 7 years ago
- A modern Python-3-based alternative to RegRipper☆212Mar 31, 2025Updated last year
- ☆42Sep 16, 2022Updated 3 years ago
- Detect Tactics, Techniques & Combat Threats☆2,275Jan 21, 2026Updated 2 months ago
- Python bindings for Yeti's API☆19Sep 12, 2023Updated 2 years ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆35Jan 8, 2026Updated 3 months ago