Threat Hunting
Browse 657 threat hunting tools
FEATURED
Utilize Jupyter Notebooks to enhance threat hunting capabilities by focusing on different threat categories or stages.
Blue-team capture the flag competition for improving cybersecurity skills.
A low-interaction honeypot for detecting and analyzing potential attacks on Android devices via ADB over TCP/IP
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
RiskAnalytics Solutions offers community projects for cyber threat intelligence sharing and collaboration.
INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.
QRadio is a tool/framework designed to consolidate cyber threats intelligence sources.
Bitscout is a Bash-based live OS constructor tool for building customizable forensic environments used in remote system triage, malware hunting, and digital forensics investigations.
A comprehensive guide to incident response, providing effective techniques for responding to advanced attacks against local and remote network resources.
AI-driven XDR platform for endpoint security with threat prevention and detection
Root the Box is a real-time CTF scoring engine that provides a configurable platform for cybersecurity training through gamified wargames and competitions.
Level 400 training to become a Microsoft Sentinel Ninja.
Windows event log fast forensics timeline generator and threat hunting tool.
Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.
Unfetter is a reference implementation framework that collects events from client machines and performs CAR analytics using an ELK stack with Apache Spark to detect potential adversary activity.
A cybersecurity tool for collecting and analyzing forensic artifacts on live systems.
A comprehensive repository of open-source security tools organized by attack phases for red team operations, adversary simulation, and threat hunting purposes.
24/7 MDR service with threat detection, hunting, and guided remediation
A threat hunting tool for Windows event logs to detect APT movements and decrease the time to uncover suspicious activity.
