| Repository | Stars | | | | Last updated | | | | License | Language | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|
| OTRF/ThreatHunter-Playbook | 3,740 | | 0 | 0 | almost 3 years ago | 0 | | 5 | mit | Python | A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient. |
| MHaggis/sysmon-dfir | 872 | | 0 | 0 | over 2 years ago | 0 | | 0 | gpl-3.0 | | Sources, configuration and how to detect evil things utilizing Microsoft Sysmon. |
| A3sal0n/CyberThreatHunting | 755 | | 0 | 0 | over 2 years ago | 0 | | 0 | gpl-3.0 | Python | A collection of resources for Threat Hunters - Sponsored by Falcon Guard |
| baronpan/SysmonHunter | 181 | | 0 | 0 | almost 4 years ago | 0 | | 2 | mit | JavaScript | An easy ATT&CK-based Sysmon hunting tool, shown at the Blackhat USA 2019 Arsenal |
| randomuserid/Tylium | 87 | | 0 | 0 | over 4 years ago | 0 | | 1 | other | | Primary data pipelines for intrusion detection, security analytics and threat hunting |
| PolitoInc/ELK-Hunting | 39 | | 0 | 0 | over 8 years ago | 0 | | 0 | | PowerShell | Threat Hunting with ELK Workshop (InfoSecWorld 2017) |
| paranoidninja/Threat-Hunting | 34 | | 0 | 0 | over 8 years ago | 0 | | 0 | | Shell | This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. It contains multiple directories, each of which is a separate module required for threat hunting. The repo will be updated as and when new changes are made. |
| MHaggis/app_splunk_sysmon_hunter | 33 | | 0 | 0 | about 9 years ago | 0 | | 0 | gpl-3.0 | | Splunk App to assist Sysmon Threat Hunting |
| ceramicskate0/SWELF | 24 | | 0 | 0 | almost 3 years ago | 0 | | 15 | agpl-3.0 | C# | Simple Windows Event Log Forwarder (SWELF). An easy-to-use, simply-works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest. |
| y3n11/Captain | 16 | | 0 | 0 | about 6 years ago | 0 | | 0 | mit | C++ | Userland API monitor for threat hunting |