ThreatHunting Logo

ThreatHunting

0
Free
Threat Management
Splunk
Sysmon
Mitre Attack
Incident Response
Threat Hunting
Visit Website

A Splunk application containing several dashboards and over 130 reports that facilitate initial hunting indicators to investigate. Requires ingesting Sysmon data into Splunk and tuning for effectiveness. Maps searches to the MITRE ATT&CK framework.

FEATURES

ALTERNATIVES

HoneyDB Logo
HoneyDB

HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.

Free
Threat Management
Combine Logo
Combine

Gathers Threat Intelligence Feeds from publicly available sources and provides detailed output in CSV format.

Free
Threat Management
VT_RuleMGR.py Logo
VT_RuleMGR.py

Tool for managing Yara rules on VirusTotal

Free
Threat Management
ShadowServer Logo
ShadowServer

A nonprofit security organization that collects and shares threat data to make the Internet more secure.

Free
Threat Management
Yara VirusTotal Commenter Logo
Yara VirusTotal Commenter

Scan files with Yara, match findings to VirusTotal comments.

Free
Threat Management
Yomi Logo
Yomi

Threat intelligence platform providing real-time threat data and insights.

Free
Threat Management
PSHunt Logo
PSHunt

Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.

Free
Threat Management
YaraSharp Logo
YaraSharp

C# wrapper around Yara pattern matching library with Loki and Yara signature support.

Free
Threat Management

PINNED

InfoSecHired Logo

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Resources
Mandos Brief Newsletter Logo

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources
CTIChef.com Detection Feeds Logo

CTIChef.com Detection Feeds

A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

Threat Management
OSINTLeak Logo

OSINTLeak

OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

Digital Forensics
ImmuniWeb® Discovery Logo

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security