Blauhaunt is a tool collection for filtering and visualizing logon events, designed to help answer the 'Cotton Eye Joe' question (Where did you come from where did you go) in Security Incidents and Threat Hunts. It provides an interactive user graph, heatmap of user activities, and timeline, and is designed for experienced DFIR specialists. The tool is easy to use, with no backend, and can be run locally by cloning the repository and running a simple HTTP server. Blauhaunt integrates with various tools and services, including PowerShell Script, Velociraptor Artifact, and Defender 365 KUSTO Query, making it a valuable resource for threat hunting and incident response.
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
Logdissect is a CLI utility and Python library for analyzing log files and other data.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
IBM QRadar is a SIEM solution for real-time threat detection.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
Security-Guard helps secure microservices and serverless containers by detecting and blocking exploits.
RedELK enhances Red Team operations with SIEM capabilities to monitor and alert on Blue Team activities.