IntelOwl: manage your Threat Intelligence at scale

Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, IPInfo, Shodan, AbuseIPDB, GreyNoise, URLScan.io, Whois/RDAP, NIST, and VulnCheck. Supports LLM enrichment, IOC extraction, YARA scanning, and Android analysis.

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

Actionable analytics designed to combat threats

KQL Queries. Microsoft Defender, Microsoft Sentinel

A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365

Tenzir is the data pipeline engine for security teams.

Awesome list of keywords and artifacts for Threat Hunting sessions

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [BETA]

MDATP

Detecting ATT&CK techniques & tactics for Linux

DFIR Timeline Analysis for macOS — SQLite-backed viewer for CSV, TSV, XLSX, EVTX, Plaso, $MFT, and $J files with built-in process inspection, lateral movement tracking, persistence detection, and VirusTotal enrichment.

Artifact collection tool for *nix systems

Purpleteam scripts simulation & Detection - trigger events for SOC detections

An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.

A collection of intel and usernames scraped from various cybercrime sources & forums. DarkForums, HackForums, Patched, Cracked, BreachForums, LeakBase, XSS, Dread, & more

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Enhance your malware detection with WAF + YARA (WAFARAY)

Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IOC and monitoring.

Collection of Dashboards for Threat Hunting and more!