An informational repo about hunting for adversaries in your IT environment.
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
A collection of resources for Threat Hunters
Tools for hunting for threats.
A curated list of the most important and useful resources about Threat Detection, Hunting and Intelligence.
Awesome list of keywords and artifacts for Threat Hunting sessions
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
Virtual Machine for Adversary Emulation and Threat Hunting
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender).
Personal compilation of APT malware from whitepaper releases, documents and own research
Misc Threat Hunting Resources
Threat Hunting & Incident Investigation with Osquery
A tool for OSINT based threat hunting
A helper for running OSINT queries and continuously managing the results
A Holistic OSINT and Threat Hunting Platform
ATT&CK Remote Threat Hunting Incident Response
Threat Hunting tool about Sysmon and graphs
Threat Hunting Kiddie compiles techniques and Indicators of Compromise (IoCs) for performing Compromise Assessments and Threat Hunting.
Repository with Sample KQL Query examples for Threat Hunting
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
Sublime rules for email attack detection, prevention, and threat hunting.
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management