Tag Archives: Threat Hunting
Yeti – Your Everyday Threat Intelligence
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. the platform will also automatically enrich observables (e.g. resolve domains, geolocate IPs) so that you don’t have to. Yeti
Misp-dashboard – MISP Threat Intelligence Dashboard
Misp-dashboard is a dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time
ThreatIngestor – Extract and Aggregate Threat Intelligence
ThreatIngestor is a flexible, configuration-driven, extensible framework for consuming threat intelligence. It can watch Twitter, RSS feeds, and other sources
Fileintel – Application to Pull Malicious Files Intelligence
Fileintel is a tool used to collect various intelligence sources for a given file. The tool is written in a modular fashion so new intelligence sources.
HELK – The Hunting ELK Framework
The Hunting ELK or simply the HELK is one of the first open source hunt platforms with advanced analytics capabilities such as SQL declarative language
Threat_Note – Lightweight Investigation Notebook
Threat_Note is a web application built to allow security researchers the ability to add and retrieve indicators related to their research.
RedHunt Virtual Machine for Adversary Emulation and Threat Hunting
RedHunt threat emulation and threat hunting VM that integrate attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment.