beaker logo [document malware analysis]

threat hunting

TyLabs has released an open source tool for threat hunting using MISP and Bro. Contact us for support or additional integrations.


Dovehawk is a Bro Module package that downloads indicators and signatures from MISP and hunts for them on the wire. Hits are reported back to MISP as sightings and additional metadata can be passed to Slack or logged. dovehawk on GitHub.