Interactive threat hunting resource navigator — 259+ resources organized in a collapsible tree, inspired by OSINT Framework.
Click nodes to expand categories. Leaf nodes open the resource in a new tab.
https://osnolanarf.github.io/huntframework/
| # | Category | Subcategories |
|---|---|---|
| 1 | Frameworks & Methods | Playbooks, Threat Modeling, Detection Engineering, Adversary Simulation |
| 2 | MITRE ATT&CK | Tactics & Techniques, APT Groups, Sigma / Detection |
| 3 | Threat Intelligence | IOC Search, Threat Feeds, Research Feeds, Threat Maps, Sharing Platforms, Phishing Analysis, Annual Reports |
| 4 | Log Sources & Telemetry | Windows Events, Sysmon / Logging Config, Cloud Logs |
| 5 | Query Languages | Splunk, CrowdStrike / LogScale, KQL / Microsoft Defender |
| 6 | Network Analysis | Packet Analysis |
| 7 | Endpoint Analysis | Memory & Forensics, Process Analysis, EDR / Live Response, Linux Hunting, AD / Identity, Credential & Hash Cracking |
| 8 | Pivoting & Recon | IP & Domain, Attack Surface Intel, Breach & Leak Intelligence |
| 9 | Malware Analysis | Static Analysis, Sandboxes, Samples, Hash Lookup |
| 10 | Vulnerability Research | CVE / NVD, Exploits |
| 11 | Tools & Platforms | SIEM / SOAR, Attacker Tradecraft |
| 12 | Training & Learning | Labs & Practice, Datasets, Communities |
| Tag | Meaning |
|---|---|
(T) |
Local tool — requires installation |
(F) |
Free / open source |
(R) |
Registration required |
(C) |
Commercial / freemium |
Edit data/hunt.json. Node schemas:
{ "name": "Tool Name (F)", "type": "url", "url": "https://...", "description": "One-line description" }{ "name": "Category", "type": "folder", "children": [] }- D3.js v3 — interactive collapsible SVG tree
- HTML / CSS / JS — no frameworks, no build tools
- Hack font via jsDelivr CDN
- GitHub Pages — static hosting
MIT