APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset to detect APT movements hidden in the sea of Windows event logs and to decrease the time needed to uncover suspicious activity. APT-Hunter uses pre-defined detection rules and focuses on statistics to uncover abnormalities, which is very effective in compromise assessment. The output is produced as a timeline that can be analyzed directly in Excel, Timeline Explorer, Timesketch, etc.

Full information about the tool and how it is used can be found in this article: introducing-apt-hunter-threat-hunting-tool-using-windows-event-log

New Release Info: APT-HUNTER V3.0: Rebuilt with Multiprocessing and new cool features

Author Twitter: @ahmed_khlief
LinkedIn: Ahmed Khlief

Download APT-Hunter:
Download the latest stable version of APT-Hunter with compiled binaries from the Releases page.

How to Use APT-Hunter:
APT-Hunter is built using Python 3, so in order to use the tool you need to install the required libraries:

python3 -m pip install -r requirements.txt

APT-Hunter is easy to use: pass the -h argument to print the help text and see the available options.

python3 APT-Hunter.py -h

Examples:
To analyze EVTX files, you can use the following command:

python3 APT-Hunter.py -e <path_to_evt_file>