Oriana
Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.
Jupyter Notebooks are used to create capabilities around categories or stages of threats, allowing users to consume, enrich, and output data for gaining insights that may not be visible otherwise. The tool emphasizes the importance of continuously adding new methods, data sources, and expertise to enhance the hunting process.
ONYPHE is a cyber defense search engine that discovers exposed assets and provides real-time monitoring to identify vulnerabilities and potential risks.
Collection of Yara rules for file identification and classification
CyBot is a free and open source threat intelligence chat bot with a community-driven plugin framework.
A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.
A curated list of resources for learning about deploying, managing, and hunting with Microsoft Sysmon.