PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Threat Hunting Python Packages

Python packages with the GitHub topic threat-hunting. Sorted by relevance, with stars and monthly downloads.
elceef
dnstwist

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

102K 6K 848
fhightower
ioc-finder

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/

47K 183 45
opencybersecurityalliance
stix-shifter

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

14K 263 228
opencybersecurityalliance
stix-shifter-utils

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

13K 263 228
opencybersecurityalliance
stix-shifter-modules-splunk

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

10K 263 228
opencybersecurityalliance
firepit

Firepit - STIX Columnar Storage

6K 18 13
alexandreborges
malwoverview

Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, IPInfo, Shodan, AbuseIPDB, GreyNoise, URLScan.io, Whois/RDAP, NIST, and VulnCheck. Supports LLM enrichment, IOC extraction, YARA scanning, and Android analysis.

6K 4K 529
opencybersecurityalliance
stix-shifter-modules-elastic-ecs

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

5K 263 228
opencybersecurityalliance
stix-shifter-modules-azure-sentinel

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

5K 263 228
opencybersecurityalliance
stix-shifter-modules-qradar

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 263 228
opencybersecurityalliance
stix-shifter-modules-stix-bundle

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 263 228
opencybersecurityalliance
stix-shifter-modules-msatp

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 263 228
opencybersecurityalliance
stix-shifter-modules-proxy

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 263 228
opencybersecurityalliance
stix-shifter-modules-qradar-perf-test

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 263 228
InQuest
threatingestor

Extract and aggregate threat intelligence.

4K 921 136
opencybersecurityalliance
stix-shifter-modules-trendmicro-vision-one

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

3K 263 228
opencybersecurityalliance
stix-shifter-modules-security-advisor

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

3K 263 228
opencybersecurityalliance
stix-shifter-modules-guardium

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

3K 263 228
opencybersecurityalliance
stix-shifter-modules-carbonblack

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

3K 263 228
opencybersecurityalliance
stix-shifter-modules-arcsight

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

3K 263 228
opencybersecurityalliance
stix-shifter-modules-aws-cloud-watch-logs

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

3K 263 228
opencybersecurityalliance
stix-shifter-modules-aws-athena

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

3K 263 228
opencybersecurityalliance
stix-shifter-modules-bigfix

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

3K 263 228
opencybersecurityalliance
stix-shifter-modules-crowdstrike

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

3K 263 228
    • Data from PyPI, GitHub, ClickHouse, and BigQuery