Modular Threat Hunting Tool & Framework
A free and open-source OSINT framework for gathering and analyzing data from various sources
A collection of tools and resources for threat hunters.
A repository to aid Windows threat hunters in looking for common artifacts.
A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel
A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.
A Splunk app mapped to MITRE ATT&CK to guide threat hunts.
OpenIOC editor for building and manipulating threat intelligence data with support for various systems.
HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.
A collection of YARA rules for research and hunting purposes.
Tool for visualizing correspondences between YARA ruleset and samples
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
A PowerShell module for threat hunting via Windows Event Logs
An informational repo about hunting for adversaries in your IT environment.
FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity
Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.
Lists of sources and utilities to hunt, detect, and prevent evildoers.
Daily feed of bad IPs with blacklist hit scores for cybersecurity professionals to stay informed about malicious IP addresses.
Signature-based YARA rules for detecting and preventing threats within Linux, Windows, and macOS systems.
A community-driven project sharing detection logic, adversary tradecraft, and resources to make detection development more efficient, following MITRE ATT&CK structure.
Collection of YARA signatures from recent malware research.
Real-time, container-based file scanning system for threat hunting and incident response.
Utilize Jupyter Notebooks to enhance threat hunting capabilities by focusing on different threat categories or stages.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
RiskAnalytics Solutions offers community projects for cyber threat intelligence sharing and collaboration.
QRadio is a tool/framework designed to consolidate cyber threat intelligence sources.
PowerShell threat hunting module for scanning remote endpoints and collecting comprehensive information.
Threat hunter based on osquery and Salt Open, querying open network sockets against threat intelligence sources.
Open Source Threat Intelligence Gathering and Processing Framework
Repository of YARA rules created by TjNel.
A threat hunting tool for Windows event logs to detect APT movements and decrease the time to uncover suspicious activity.
PolySwarm is a malware intelligence marketplace that aggregates threat detection engines to provide early detection, unique samples, and higher accuracy.
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
Cortex is a tool for analyzing observables at scale and automating threat intelligence, digital forensics, and incident response.
The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources; VMware Carbon Black offers endpoint protection and workload security solutions.
A collection of PCAP captures mapped to the relevant attack tactic.
Automatically create YARA rules based on images embedded in Office documents.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
Open source web app for storing and searching Actor related data from users and public repositories.
Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.