Tag Archives: Threat Hunting

Yeti – Your Everyday Threat Intelligence

Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. The platform will also automatically enrich observables (e.g. resolve domains, geolocate IPs) so that you don't have to.

Misp-dashboard – MISP Threat Intelligence Dashboard

Misp-dashboard is a dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time

ThreatIngestor – Extract and Aggregate Threat Intelligence

ThreatIngestor is a flexible, configuration-driven, extensible framework for consuming threat intelligence. It can watch Twitter, RSS feeds, and other sources
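The core of what a feed consumer like ThreatIngestor does is turn free text from a tweet or RSS item into structured indicators. The following is an added example, not ThreatIngestor's own code, showing that step: it reverses common defanging conventions (hxxp, [.], (dot)), then pulls out URLs, domains, IPv4 addresses and file hashes, dropping non-routable addresses and any domains on an ignore list. The sample feed items and all names in it are constructed for this example.

```python
"""Indicator extraction from feed text, in the spirit of ThreatIngestor.

Added example, not ThreatIngestor's own code. Input is raw text as it would
arrive from a tweet or RSS item; common defanging conventions (hxxp, [.], (dot))
are reversed first, then URLs, domains, IPv4 addresses and hashes are pulled
out. The sample feed items below are constructed for this example.
"""
import ipaddress
import re
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Constructed sample items, not real feed content.
SAMPLE_ITEMS = [
    "New loader C2 seen at hxxp://evil-cdn[.]example[.]com/gate.php, "
    "dropper sha256 " + "a" * 64,
    "Scanner hits from 203[.]0[.]113[.]45 and 198.51.100.7 "
    "(md5 d41d8cd98f00b204e9800998ecf8427e)",
    "Benign mention of example.org in a blog post; nothing else here.",
]

URL_RE = re.compile(r"https?://[^\s'\"<>()\[\]]+", re.IGNORECASE)
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
DOMAIN_RE = re.compile(
    r"\b(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,24}\b", re.IGNORECASE
)
# Word boundaries keep a 64-char sha256 from also matching as md5/sha1.
HASH_RES = {
    "sha256": re.compile(r"\b[a-f0-9]{64}\b", re.IGNORECASE),
    "sha1": re.compile(r"\b[a-f0-9]{40}\b", re.IGNORECASE),
    "md5": re.compile(r"\b[a-f0-9]{32}\b", re.IGNORECASE),
}
# Address ranges that are never useful as network indicators.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
                 "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8", "224.0.0.0/4")]


@dataclass
class Indicators:
    urls: set = field(default_factory=set)
    domains: set = field(default_factory=set)
    ips: set = field(default_factory=set)
    hashes: dict = field(default_factory=dict)  # hash value -> algorithm name


def refang(text: str) -> str:
    """Reverse the defanging analysts apply so indicators are not clickable."""
    text = re.sub(r"hxxp", "http", text, flags=re.IGNORECASE)
    for token in ("[.]", "(.)", "{.}", "[dot]", "(dot)"):
        text = text.replace(token, ".")
    return text.replace("[:]", ":").replace("[/]", "/")


def valid_ipv4(candidate: str) -> bool:
    """True for a well-formed IPv4 address outside the non-routable ranges."""
    try:
        addr = ipaddress.IPv4Address(candidate)
    except ValueError:
        return False
    return not any(addr in net for net in NON_ROUTABLE)


def extract(text: str, ignore_domains=()) -> Indicators:
    """Pull indicators out of one feed item; ignore_domains drops known noise."""
    found = Indicators()
    text = refang(text)
    for match in URL_RE.findall(text):
        url = match.rstrip(".,;:!?")
        found.urls.add(url)
        host = urlsplit(url).hostname or ""
        if valid_ipv4(host):
            found.ips.add(host)
        elif host and host not in ignore_domains:
            found.domains.add(host)
    # Scan the text with URLs blanked out so path components such as
    # gate.php are not mistaken for domains.
    rest = URL_RE.sub(" ", text)
    found.ips.update(ip for ip in IPV4_RE.findall(rest) if valid_ipv4(ip))
    found.domains.update(d.lower() for d in DOMAIN_RE.findall(rest)
                         if d.lower() not in ignore_domains)
    for algo, pattern in HASH_RES.items():
        for h in pattern.findall(rest):
            found.hashes.setdefault(h.lower(), algo)
    return found


def extract_all(items, ignore_domains=()) -> Indicators:
    """Merge indicators from several feed items, deduplicating as it goes."""
    merged = Indicators()
    for item in items:
        part = extract(item, ignore_domains)
        merged.urls |= part.urls
        merged.domains |= part.domains
        merged.ips |= part.ips
        merged.hashes.update(part.hashes)
    return merged


if __name__ == "__main__":
    result = extract_all(SAMPLE_ITEMS, ignore_domains={"example.org"})
    for kind in ("urls", "domains", "ips"):
        print(kind, sorted(getattr(result, kind)))
    print("hashes", result.hashes)
```

The ignore list matters in practice: feeds are full of the tweeting researcher's own blog, link shorteners and sandbox sites, and without a noise list those end up in your blocklist next to the real C2 domains.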

Fileintel – Application to Pull Malicious Files Intelligence

Fileintel is a tool used to collect various intelligence sources for a given file. The tool is written in a modular fashion so new intelligence sources.

HELK – The Hunting ELK Framework

The Hunting ELK or simply the HELK is one of the first open source hunt platforms with advanced analytics capabilities such as SQL declarative language

Threat_Note – Lightweight Investigation Notebook

Threat_Note is a web application built to allow security researchers the ability to add and retrieve indicators related to their research.

RedHunt Virtual Machine for Adversary Emulation and Threat Hunting

RedHunt is a threat emulation and threat hunting VM that integrates the attacker's arsenal as well as the defender's toolkit to actively identify threats in your environment.