Jupyter Notebooks for Threat Hunting Logo

Jupyter Notebooks for Threat Hunting

0
Free
Visit Website

Jupyter Notebooks are used to create capabilities around categories or stages of threats, allowing users to consume, enrich, and output data for gaining insights that may not be visible otherwise. The tool emphasizes the importance of continuously adding new methods, data sources, and expertise to enhance the hunting process.

FEATURES

ALTERNATIVES

Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.

AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.

DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.

A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel

QRadio is a tool/framework designed to consolidate cyber threats intelligence sources.

A collection of APT and cybercriminals campaigns with various resources and references.

Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.

Official repository of YARA rules for threat detection and hunting

PINNED