Blauhaunt Logo

Blauhaunt

0
Free
Visit Website

Blauhaunt is a tool collection for filtering and visualizing logon events, designed to help answer the 'Cotton Eye Joe' question (Where did you come from where did you go) in Security Incidents and Threat Hunts. It provides an interactive user graph, heatmap of user activities, and timeline, and is designed for experienced DFIR specialists. The tool is easy to use, with no backend, and can be run locally by cloning the repository and running a simple HTTP server. Blauhaunt integrates with various tools and services, including PowerShell Script, Velociraptor Artifact, and Defender 365 KUSTO Query, making it a valuable resource for threat hunting and incident response.

FEATURES

ALTERNATIVES

A method for log volume reduction without losing analytical capability.

Free

Converts Sigma and Yara rules to CRYPTTECH's SIEM query language.

Free

A tool that collects and displays user activity and system events on a Windows system.

Free

Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.

Free

A Command Line Map-Reduce tool for analyzing cowrie log files over time and creating visualizations and statistics.

Free

Serverless, real-time data analysis framework for incident detection and response.

Free

SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.

Free

Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.

Free

PINNED