Tool and Usage
|Latest release||No release found|
Why this tool?
Sqhunter is a security tool to find known and unknown threats within your network. The goal is to find possible adversaries within your network by doing specific queries. The tool uses data from osquery, Salt Open, and the Cymon API.
Important note: you need to run sqhunter on your salt-master server.
Usage and audience
sqhunter is commonly used for security monitoring, threat discovery, or threat hunting. Target users for this tool are security professionals and system administrators.
- Command line interface
Example usage and output
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
Supported operating systems
Sqhunter is known to work on Linux.
Several dependencies are required to use sqhunter.
- Python 2
Similar tools to sqhunter:
HELK is short for The Hunting ELK, containing Elasticsearch, Logstash, and Kibana. It has advanced analytic capabilities for threat hunting.
MISP is short for Malware Information Sharing Platform. It helps with sharing threat data which can be used by defenders and malware researchers.
Rastrea2r is a threat hunting utility for indicators of compromise (IOC) and can be used by SOC analysts and incident responders. Learn how it works in this review.
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
This tool is categorized as a threat hunting tool.