IntelOwl: manage your Threat Intelligence at scale
Translation - IntelOwl: analyze files, domains and IPs at scale from a single API
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Threa...
Translation - Malwoverview is a first response tool that performs an initial and quick triage on a directory containing malware samples, on a specific malware sample, and on suspicious URLs and domains. It also allows downloading samples and submitting them to the main online sandboxes.
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well a...
Translation - Threat Pursuit Virtual Machine (VM): a fully customizable, open-source Windows-based distribution focused on threat intelligence analysis and hunting, designed to get intelligence and malware analysts as well as threat hunters up and running quickly.
Actionable analytics designed to combat threats
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
Translation - A Cloud Forensics PowerShell module for running threat hunting playbooks on data from Azure and O365
Tenzir is the data pipeline engine for security teams.
#Awesome# Awesome list of keywords and artifacts for Threat Hunting sessions
KQL Queries. Microsoft Defender, Microsoft Sentinel
#Computer Science# A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Indu...
Detecting ATT&CK techniques & tactics for Linux
#Awesome# Purpleteam scripts simulation & Detection - trigger events for SOC detections
An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Enhance your malware detection with WAF + YARA (WAFARAY)
Collection of Dashboards for Threat Hunting and more!
Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
Sigma detection rules for hunting with the threathunting-keywords project