Threat Hunting
Explore 107 curated cybersecurity tools, with 15,538+ visitors searching for solutions
Strelka is a real-time, container-based file scanning system that performs file extraction and metadata collection at enterprise scale for threat hunting, detection, and incident response.
Utilize Jupyter Notebooks to enhance threat hunting capabilities by focusing on different threat categories or stages.
Blue-team capture the flag competition for improving cybersecurity skills.
A low-interaction honeypot for detecting and analyzing potential attacks on Android devices via ADB over TCP/IP
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
RiskAnalytics Solutions offers community projects for cyber threat intelligence sharing and collaboration.
INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.
QRadio is a tool/framework designed to consolidate cyber threat intelligence sources.
Bitscout is a Bash-based live OS constructor tool for building customizable forensic environments used in remote system triage, malware hunting, and digital forensics investigations.
A comprehensive guide to incident response, providing effective techniques for responding to advanced attacks against local and remote network resources.
XDR platform with endpoint security and threat detection capabilities
Root the Box is a real-time CTF scoring engine that provides a configurable platform for cybersecurity training through gamified wargames and competitions.
Level 400 training to become a Microsoft Sentinel Ninja.
Visualize and analyze network relationships with AfterGlow
Windows event log fast forensics timeline generator and threat hunting tool.
PowerShell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.
Unfetter is a reference implementation framework that collects events from client machines and performs CAR analytics using an ELK stack with Apache Spark to detect potential adversary activity.
Open Source Threat Intelligence Gathering and Processing Framework
A cybersecurity tool for collecting and analyzing forensic artifacts on live systems.
Repository of Yara Rules created by TjNel.
A comprehensive repository of open-source security tools organized by attack phases for red team operations, adversary simulation, and threat hunting purposes.
Fast suspicious file finder for threat hunting and live forensics.
A threat hunting tool for Windows event logs to detect APT movements and decrease the time to uncover suspicious activity.