Threat Hunting
Browse 657 threat hunting tools
FEATURED
AI-powered security assistant for autonomous threat detection and response
AI-powered security operations platform for automated threat analysis and response
Kunai is a Linux-based system monitoring tool that provides real-time monitoring and threat hunting capabilities.
Threat intelligence platform providing real-time data from 300bn+ daily IPs
A comprehensive resource for threat hunting in Active Directory environments, covering tracking command-line/PowerShell activity, Kerberoasting detection, auditing attacker activity, and monitoring enterprise command-line activity.
24x7x365 MDR service with expert-led threat monitoring and remediation
A high-interaction honeypot solution for detecting and analyzing SMB-based attacks
A free and open-source OSINT framework for gathering and analyzing data from various sources
A repository to aid Windows threat hunters in looking for common artifacts.
A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
A runtime threat management and attack path enumeration tool for cloud-native environments
A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.
A honeypot designed to detect and analyze malicious activities in instant messaging platforms.
A comprehensive incident response and threat hunting tool for Google Cloud Platform, providing logs and forensic data for effective incident response and threat hunting.
A community-driven repository of pre-built security analytics queries and rules for monitoring and detecting threats in Google Cloud environments across various log sources and activity types.
PyIOCe is a Python-based OpenIOC editor that enables security professionals to create, edit, and manage Indicators of Compromise for threat intelligence and incident response operations.
HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.
A program to extract IOCs from text files using regular expressions
Fake protocol server simulator supporting 50+ network protocols for deception
