beaker logo [document malware analysis]

threat hunting

TyLabs has released an open source tool for threat hunting using MISP and Zeek. Contact us for support or additional integrations.

Dovehawk.io

Dovehawk

Dovehawk is a Zeek Module package that downloads indicators and signatures from MISP and hunts for them on the wire. Hits are reported back to MISP as sightings and additional metadata can be passed to Slack or logged. dovehawk on GitHub.