PyRank

Threat Hunting Python Packages

Python packages with the GitHub topic threat-hunting. Sorted by relevance, with stars and monthly downloads.

elceef
dnstwist

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

72K 6K 845
fhightower
ioc-finder

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/

37K 181 44
opencybersecurityalliance
stix-shifter-modules-synchronous-template

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

30K 262 229
opencybersecurityalliance
stix-shifter

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

20K 262 229
opencybersecurityalliance
stix-shifter-utils

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

11K 262 229
opencybersecurityalliance
stix-shifter-modules-splunk

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

8K 262 229
opencybersecurityalliance
stix-shifter-modules-trendmicro-vision-one

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

6K 262 229
opencybersecurityalliance
firepit

Firepit - STIX Columnar Storage

5K 18 13
salecharohit
semhound

Scan every repository across your GitHub organisations using Semgrep rules, with optional AI triage (Claude · Gemini · GPT · Bedrock)

5K 7 1
opencybersecurityalliance
stix-shifter-modules-qradar

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

5K 262 229
opencybersecurityalliance
stix-shifter-modules-stix-bundle

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

5K 262 229
opencybersecurityalliance
stix-shifter-modules-proxy

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 262 229
opencybersecurityalliance
stix-shifter-modules-azure-sentinel

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 262 229
opencybersecurityalliance
stix-shifter-modules-security-advisor

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 262 229
opencybersecurityalliance
stix-shifter-modules-msatp

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 262 229
opencybersecurityalliance
stix-shifter-modules-elastic-ecs

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 262 229
alexandreborges
malwoverview

Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, IPInfo, Shodan, AbuseIPDB, GreyNoise, URLScan.io, Whois/RDAP, NIST, and VulnCheck. Supports LLM enrichment, IOC extraction, YARA scanning, and Android analysis.

4K 4K 528
opencybersecurityalliance
stix-shifter-modules-aws-cloud-watch-logs

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 262 229
opencybersecurityalliance
stix-shifter-modules-carbonblack

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 262 229
opencybersecurityalliance
stix-shifter-modules-bigfix

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 262 229
opencybersecurityalliance
stix-shifter-modules-guardium

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 262 229
InQuest
threatingestor

Extract and aggregate threat intelligence.

4K 910 135
opencybersecurityalliance
stix-shifter-modules-arcsight

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

4K 262 229
opencybersecurityalliance
stix-shifter-modules-aws-athena

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

3K 262 229
    • Data from PyPI, GitHub, ClickHouse, and BigQuery