Top 10 threathunting Open-Source Projects

IntelOwl

13 3,111 9.8 Python

IntelOwl: manage your Threat Intelligence at scale

Project mention: Monthly Security Checklist | /r/msp | 2023-06-25

malwoverview

3 2,725 6.7 Python

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
atomic-threat-coverage

1 938 10.0 Python

Actionable analytics designed to combat threats
AzureHunter

2 755 0.0 PowerShell

A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
tenzir

15 611 10.0 C++

Open source security data pipelines.

Project mention: Vector: A high-performance observability data pipeline | news.ycombinator.com | 2024-03-17

We're building something similar at Tenzir, but more for operational security workloads. https://docs.tenzir.com
Differences to Vector:
- An agent has optional indexed storage, so you can store your data there and pick it up later. The storage is based on Apache Feather, Parquet's little brother.
- Pipelines operators both work with data frames (Arrow record batches) or chunks of bytes.
- Structured pipelines are multi-schema, i.e., a single pipeline can process streams of record batches with different schemas.

ThreatHunting-Keywords

1 337 9.4 HTML

Awesome list of keywords and artifacts for Threat Hunting sessions

Project mention: List of offensive tools keywords for ThreatHunting | /r/cybersecurity | 2023-05-18

more information here: https://github.com/mthcht/ThreatHunting-Keywords

Purpleteam

1 120 8.3 PowerShell

Purpleteam scripts simulation & Detection - trigger events for SOC detections
WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
MurMurHash

1 110 0.0 Python

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
wafaray

2 106 10.0 Shell

Enhance your malware detection with WAF + YARA (WAFARAY)
SplunkDashboards

1 49 0.0

Collection of Dashboards for Threat Hunting and more!

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

threathunting related posts

VAST 3.1 open-source security data pipelines released
1 project | /r/cybersecurity | 16 May 2023
Parallel Grouped Aggregation in DuckDB
2 projects | news.ycombinator.com | 7 Mar 2022
Hiring: ReasonML Frontend Engineer - Remote EU
1 project | /r/reasonml | 7 Sep 2021
Migrating Our Codebase C++20 - A Field Report
1 project | /r/cpp | 26 Jul 2021

Index

What are some of the best open-source threathunting projects? This list will help you:

	Project	Stars
1	IntelOwl	3,111
2	malwoverview	2,725
3	atomic-threat-coverage	938
4	AzureHunter	755
5	tenzir	611
6	ThreatHunting-Keywords	337
7	Purpleteam	120
8	MurMurHash	110
9	wafaray	106
10	SplunkDashboards	49