Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+811.11%)
Mutual labels: threat-hunting, yara
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+186.93%)
Mutual labels: threat-hunting, yara
Yara Rules: A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Stars: ✭ 206 (+34.64%)
Mutual labels: threat-hunting, yara
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-75.16%)
Mutual labels: threat-hunting, yara
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (-56.86%)
Mutual labels: threat-hunting, yara
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+692.16%)
Mutual labels: threat-hunting, yara
Dovehawk: Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Stars: ✭ 97 (-36.6%)
Mutual labels: threat-hunting
Threathunting Spl: Splunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (-23.53%)
Mutual labels: threat-hunting
Threathunt: ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-39.87%)
Mutual labels: threat-hunting
Hunting Mindmaps: 🔍 Mindmaps for threat hunting - work in progress.
Stars: ✭ 86 (-43.79%)
Mutual labels: threat-hunting
Oriana: Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (-0.65%)
Mutual labels: threat-hunting
Threatbus: 🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (-9.15%)
Mutual labels: threat-hunting
Awesome Threat Detection: A curated list of awesome threat detection and hunting resources
Stars: ✭ 1,804 (+1079.08%)
Mutual labels: threat-hunting
Walkoff Apps: WALKOFF-enabled applications. #nsacyber
Stars: ✭ 125 (-18.3%)
Mutual labels: yara
Detections: This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
Stars: ✭ 95 (-37.91%)
Mutual labels: threat-hunting
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1281.7%)
Mutual labels: threat-hunting
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-41.83%)
Mutual labels: threat-hunting
Analyst Arsenal: A toolkit for Security Researchers
Stars: ✭ 112 (-26.8%)
Mutual labels: threat-hunting
Mthc: All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (-12.42%)
Mutual labels: threat-hunting
Plyara: Parse YARA rules and operate over them more easily.
Stars: ✭ 108 (-29.41%)
Mutual labels: yara