threat-hunting

Here are 1,178 public repositories matching this topic...

MISP / MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Updated Apr 11, 2026
PHP

OISF / suricata

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

security cybersecurity suricata ids network-monitoring threat-hunting nsm ips intrusion-detection-system network-monitor intrusion-prevention-system

Updated Apr 9, 2026
C

elceef / dnstwist

Star

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

dns osint scanner phishing domains fuzzing threat-hunting typosquatting threat-intelligence homograph-attack idn homoglyph

Updated Apr 15, 2025
Python

SwiftOnSecurity / sysmon-config

Star

Sysmon configuration file template with default high-quality event tracing

windows monitoring logging sysmon threat-hunting threatintel netsec sysinternals

Updated Jul 3, 2024

0x4D31 / awesome-threat-detection

Star

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

security awesome detection incident-response awesome-list threat-hunting threat-detection

Updated Jan 5, 2026

Security-Onion-Solutions / securityonion

Star

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.

security monitoring threat-hunting case-management information-security cyber-security network-security intrusion-detection-system security-tools endpoint-security

Updated Apr 12, 2026
Shell

intelowlproject / IntelOwl

Star

IntelOwl: manage your Threat Intelligence at scale

Updated Apr 9, 2026
Python

OTRF / ThreatHunter-Playbook

Star

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

dfir sysmon threat-hunting hunting hunter mitre hypothesis hunting-campaigns mitre-attack-db

Updated Jan 12, 2026
Python

mukul975 / Anthropic-Cybersecurity-Skills

Sponsor

Star

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 26 security domains · Apache 2.0

Updated Apr 11, 2026
Python

InQuest / awesome-yara

Star

A curated list of awesome YARA rules, tools, and people.

ioc awesome awesome-list threat-hunting malware-analysis malware-research yara yara-rules malware-detection yara-manager yara-signatures malware-rules yara-scanner awesome-yara

Updated Mar 16, 2026

Cyb3rWard0g / HELK

Sponsor

Star

The Hunting ELK

docker elasticsearch kibana logstash spark jupyter-notebook elk threat-hunting dockerhub elastic hunting elk-stack hunting-platforms

Updated Jun 1, 2024
Jupyter Notebook

alexandreborges / malwoverview

Star

Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, IPInfo, Shodan, AbuseIPDB, GreyNoise, URLScan.io, Whois/RDAP, NIST, and VulnCheck. Supports LLM enrichment, IOC extraction, YARA scanning, and Android analysis.