Nebulock-Inc/agentic-threat-hunting-framework
ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.
This framework helps cybersecurity practitioners such as threat hunters and security analysts document and manage their investigations. It takes raw threat intelligence, security alerts, and observed anomalies as input, and produces structured, searchable records of past hunts. These records can then inform future investigations and train AI assistants to work with your specific environment.
205 stars. Available on PyPI.
Use this if your threat hunting program struggles to retain context from past investigations, leading to repeated work or missed insights.
Not ideal if you're looking for an automated SIEM/EDR replacement rather than a system to structure and enhance your existing hunting processes.
Stars: 205
Forks: 29
Language: Python
License: MIT
Category
Last pushed: Mar 09, 2026
Commits (30d): 0
Dependencies: 6
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/agents/Nebulock-Inc/agentic-threat-hunting-framework"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Related agents
AgentSeal/agentseal
Security toolkit for AI agents. Scan your machine for dangerous skills and MCP configs, monitor...
cosai-oasis/secure-ai-tooling
The CoSAI Risk Map is a framework for identifying, analyzing, and mitigating security risks in...
HeadyZhang/agent-audit
Static security scanner for LLM agents — prompt injection, MCP config auditing, taint analysis....
LucidAkshay/kavach
Tactical AI Workspace Monitor & EDR
oasm-platform/open-asm
Open-source platform for cybersecurity Attack Surface Management (OASM).