PSHunt is a PowerShell threat hunting module designed to scan remote endpoints for indicators of compromise or survey them for more comprehensive information related to the state of those systems. PSHunt began as the precursor to Infocyte's commercial product, Infocyte HUNT, and is now being open-sourced for the benefit of the DFIR community. PSHunt is divided into several modules, functions, and folders: Discovery functions identify hosts on the network, Scanners run modular queries, and Surveys collect comprehensive information from remote hosts.
ALTERNATIVES
A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.
Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.
YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.
Provides breach and attack simulation products for security control validation, offering three different products to meet the needs of organizations of various sizes and maturity levels.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
A reference implementation for collecting events and performing CAR analytics to detect potential adversary activity.