A collection of tools and resources for threat hunters. Sections: - Hunting Tools: Open source tools for hunting like Velociraptor, osquery, GRR, ELK, Sysmon, and more. - Resources: Useful resources to get started in Threat Hunting. - Hunting with AI: Leveraging ChatGPT prompts for Threat Hunting. - Must Read: Articles and blog posts covering different aspects of Threat Hunting. - Custom Scripts: Tools and scripts to support different types of hunts.
FEATURES
ALTERNATIVES
A library of event-based analytics written in EQL to detect adversary behaviors, now integrated into the Detection Engine of Kibana.
A database of Tor exit nodes with their corresponding IP addresses and timestamps.
A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
Maltiverse automates Threat Intelligence for small and medium-sized SecOps teams, providing an effective and affordable service.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.