PSHunt is a PowerShell Threat Hunting Module designed to scan remote endpoints for indicators of compromise or survey them for more comprehensive information related to the state of those systems. PSHunt began as the precursor to Infocyte's commercial product, Infocyte HUNT, and is now being open sourced for the benefit of the DFIR community. PSHunt is divided into several modules, functions, and folders: Discovery functions identify hosts on the network, Scanners run modular queries, and Surveys collect comprehensive information from remote hosts.
SIMILAR TOOLS
An open source threat intelligence platform for storing and managing cyber threat intelligence knowledge.
Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.
Open Source Intelligence solution for threat intelligence data enrichment and quick analysis of suspicious files or malware.
Knowledge base workflow management dashboard for YARA rules and C2 artifacts.
Globally-accessible knowledge base of adversary tactics and techniques for cybersecurity.
A platform for accessing threat intelligence and collaborating on cyber threats.
A Python library for handling TAXII v1.x messages and services to enable automated threat intelligence sharing and indicator exchange.
A system for collecting, managing, and distributing security information on a large scale, developed by CERT Polska.
A collection of public YARA signatures for various malware families.