The Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output. The tool leverages the MITRE ATT&CK Framework to organize and prioritize findings, assisting in the assembly of IOCs, understanding attack movement and in threat hunting. By allowing researchers to send thousands of samples to a sandbox …
Tag Archives: Threat Hunting
Watcher : Open Source Cybersecurity Threat Hunting Platform
Watcher is a Django & React JS automated platform for discovering new potential cybersecurity threats targeting your organization. It should be used on web servers and is available on Docker. Watcher capabilities: Detect emerging vulnerabilities and malware using social networks & other RSS sources (www.cert.ssi.gouv.fr, www.cert.europa.eu, www.us-cert.gov, www.cyber.gov.au…). Detect keywords in Pastebin & in other IT content exchange …
theTHE : The Threat Hunting Environment
You are a Threat Hunter. While investigating, did you find yourself with more than 20 tabs opened in your browser, scattered .txt files with data and some terminals showing up in the background? theTHE centralizes all the information on an investigation in a single project and shares its results with your team (and with nobody …