hunting

The Hunting ELK

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

安全、可靠、简单、免费的企业级蜜罐

A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

A curated list of awesome threat detection and hunting resources

Sample queries for Advanced hunting in Microsoft 365 Defender

Bi-weekly hunting queries

Collecting & Hunting for IOCs with gusto and style

Atomic Purple Team Framework and Lifecycle

KQL queries for Advanced Hunting

一个Mac下信息搜集小脚本 主要用于信息搜集/应急响应/检测挖矿进程/异常进程/异常启动项

r2yara - Module for Yara using radare2 information

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

Practical Orientation Of MVISION EDR Query Language

Library of threat hunts to get any user started!

Azure Sentinel 4 SecOps

Microsoft Defender for Endpoint Hunting Queries

DNS Dashboard for hunting and identifying beaconing

Spider or repeater to find all links.

A Node.js module for deobfuscating and expanding DOS/BATCH commands.

Github username search

tutorial to start bug hunting

🎮 神奇森林 - Wonder Forest

🏹 An exploration adventure game (very early-stages!)

Get the favicon hash for fun and profit.

A hunting word game developed with reactjs and react native

Advanced Hunting Queries for Microsoft Defender Advanced Threat Protection

Restful Server to handle requests from rastrea2r client

Meant to aid other responders; indicators and hunting techniques to identify SUNBURST compromise and establish scope and summarized analysis and links to additional resources.