
ThreatHunting

Free

A Splunk application containing several dashboards and over 130 reports that surface initial hunting indicators to investigate. It requires ingesting Sysmon data into Splunk and tuning for effectiveness, and maps its searches to the MITRE ATT&CK framework.


ALTERNATIVES

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.

A repository of cybersecurity datasets and tools curated by @sooshie.

A modular tool for collecting intelligence sources for files and outputting in CSV format.

A repository to aid Windows threat hunters in looking for common artifacts.

A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel.

Daily feed of bad IPs with blacklist hit scores for cybersecurity professionals to stay informed about malicious IP addresses.

A comprehensive and unrestricted dataset of security incidents for research and decision-making.

Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.