// Free & Open Source · No Sign-Up Required
Detect attacks, leaked secrets, credential abuse, suspicious activity, and security anomalies in seconds using AI-powered threat hunting.
Upload logs and instantly correlate threat signatures. The parser auto-detects fields to scan for SQL Injection, XSS, Brute Force, authentication anomalies, and pattern logs, delivering briefings in seconds.
Scan any public or private GitHub repository for exposed API keys, active tokens, credentials, hardcoded passwords, and security misconfigurations across all commit trees and files.
Monitor active incidents in real time. Features a tactical attack paths radar, severity categorization (Critical, High, Medium, Low), incident volume trends, and SOC investigation workflows.
Point the ingestion engine at security files or Nginx/Apache/Auth telemetry logs.
Gemini 2.5 Flash tokenizes, classifies, and evaluates anomalies on the records.
The heuristics matching system identifies SQLi, XSS, and credential stuffing vectors.
Get an executive SOC briefing with indicators of compromise, timeline, and mitigation actions.
ThreatHunter is built in the open by developer Juhaim Mohammed. Inspect the code, contribute improvements, deploy your own instance, or self-host without vendor lock-in. No trackers, no telemetry leaving your network, and complete control over your keys.
Free. Open source. No account required.
git clone https://github.com/Juhamim/threathunder-production.git