VAULT 4624

Live indicators of compromise from MalwareBazaar, ThreatFox, URLhaus. Track malware hashes, malicious IPs, C2 domains, and suspicious URLs.

Comprehensive YARA rules for ransomware, APTs, webshells, trojans, and more. Copy-paste ready detection signatures for malware hunting.

Monitor emerging phishing campaigns and malicious infrastructure as they're discovered across multiple threat intelligence feeds.

Essential open-source intelligence platforms for threat research, domain analysis, and phishing campaign tracking.

Hand-picked threat hunting scenarios that have proven most effective in real-world investigations. Start here for maximum impact.

Hunts organized by MITRE ATT&CK framework tactics and techniques. Perfect for systematic threat coverage and gap analysis.

Detection queries and hunting techniques optimized for specific security platforms including Splunk, Sentinel, ELK, and more.

Hunt for suspicious network activity based on unusual port usage, non-standard protocols, and anomalous traffic patterns.

Translate detection queries between Splunk, Sentinel, and Elastic. Includes common hunt patterns and field mappings for quick reference.

Windows Event IDs, Sysmon events, common ports, regex patterns, PowerShell commands, and Linux log locations. Essential reference for threat hunters.

Step-by-step incident response procedures for ransomware, phishing, data breaches, malware outbreaks, and more. Field-tested methodologies.

Curated collection of threat hunting tools, scripts, and utilities. From osquery to Velociraptor, HELK to Sigma rules.

Structured learning paths from beginner to advanced threat hunter. Labs, challenges, and real-world scenarios to build your skills.