{"id":5513,"date":"2020-11-06T18:46:55","date_gmt":"2020-11-06T10:46:55","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=5513"},"modified":"2020-11-06T18:47:10","modified_gmt":"2020-11-06T10:47:10","slug":"helk-open-source-threat-hunting-platform","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2020\/11\/helk-open-source-threat-hunting-platform\/","title":{"rendered":"HELK &#8211; Open Source Threat Hunting Platform"},"content":{"rendered":"<p>The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark over an ELK stack.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2020\/11\/HELK-Open-Source-Threat-Hunting-Platform-640x199.png\" alt=\"HELK - Open Source Threat Hunting Platform\" width=\"640\" height=\"199\" class=\"aligncenter size-medium wp-image-5515\" srcset=\"https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2020\/11\/HELK-Open-Source-Threat-Hunting-Platform-640x199.png 640w, https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2020\/11\/HELK-Open-Source-Threat-Hunting-Platform-1024x319.png 1024w, https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2020\/11\/HELK-Open-Source-Threat-Hunting-Platform-1536x478.png 1536w, https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2020\/11\/HELK-Open-Source-Threat-Hunting-Platform-2048x638.png 2048w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/p>\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3033787195489589\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Darknet Responsive Post Ad Links [previously link ad unit] -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3033787195489589\"\r\n     data-ad-slot=\"5456620019\"\r\n     data-ad-format=\"auto\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script>\n<p>This project was developed primarily for research, but due to its flexible design and core components, it can be deployed in larger environments with the right configurations and scalable infrastructure.<\/p>\n<h2>Goals of HELK Open Source Threat Hunting Platform<\/h2>\n<ul>\n<li>    Provide an open-source hunting platform to the community and share the basics of Threat Hunting.<\/li>\n<li>    Expedite the time it takes to deploy a hunting platform.<\/li>\n<li>    Improve the testing and development of hunting use cases in an easier and more affordable way.<\/li>\n<li>    Enable Data Science capabilities while analyzing data via Apache Spark, GraphFrames &#038; Jupyter Notebooks.<\/li>\n<\/ul>\n<h3>Installing HELK Open Source Threat Hunting Platform<\/h3>\n<p>You can start playing with the HELK in a few steps:<\/p>\n<p>Step 1, download:<\/p>\n<pre>    git clone https:\/\/github.com\/Cyb3rWard0g\/HELK.git<\/pre>\n<p>Step 2, install:<\/p>\n<pre>    cd HELK\/\r\n    sudo .\/helk_install.sh<\/pre>\n<p>You can download HELK here:<\/p>\n<p><a href=\"https:\/\/github.com\/Cyb3rWard0g\/HELK\/archive\/v0.1.7-alpha03042019.zip\">HELK-v0.1.7-alpha03042019.zip<\/a><\/p>\n<p>Or read more <a href=\"https:\/\/github.com\/Cyb3rWard0g\/HELK\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark over an ELK stack. This project was developed primarily for research, but due to its flexible design and core components, [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":5515,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"none","_seopress_titles_title":"HELK - Open Source Threat Hunting Platform","_seopress_titles_desc":"The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[9],"tags":[47],"featured_image_src":"https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2020\/11\/HELK-Open-Source-Threat-Hunting-Platform.png","featured_image_src_square":"https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2020\/11\/HELK-Open-Source-Threat-Hunting-Platform.png","author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/5513"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=5513"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/5513\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media\/5515"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=5513"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=5513"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=5513"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}