Short deep dive into Threat Hunting on AWS
☆19Oct 15, 2023Updated 2 years ago
Alternatives and similar repositories for aws-threat-hunting
Users that are interested in aws-threat-hunting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Repository for storage of Axon Rapid Response related queries, scripts and more☆10Jul 22, 2025Updated 10 months ago
- Extract CIS benchmarks from PDFs☆16Jul 26, 2023Updated 2 years ago
- A catalog of services that can be publicly exposed within different cloud providers.☆14Aug 30, 2024Updated last year
- ☆39Aug 23, 2022Updated 3 years ago
- Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volum…☆14Sep 18, 2020Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Alternative password shadowing scheme☆10May 29, 2026Updated 2 weeks ago
- ☆11Feb 9, 2023Updated 3 years ago
- 🌌 Real-time threat detection for smart contracts☆10May 16, 2023Updated 3 years ago
- ☆22Oct 21, 2024Updated last year
- ETHICAL-HACKING☆13Dec 20, 2023Updated 2 years ago
- The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp…☆36Nov 13, 2025Updated 7 months ago
- Legacy password hashing framework for PHP applications needing to support or having previously supported PHP below 5.5☆15Nov 22, 2024Updated last year
- Generate representative samples from Pwned Passwords (HIBP)☆11Jan 6, 2022Updated 4 years ago
- Perform file-based malware scan on your on-prem servers with AWS☆14Oct 31, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Queries for Carbon Black Response☆11Feb 11, 2020Updated 6 years ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆61Mar 12, 2022Updated 4 years ago
- Test Suite for John the Ripper☆26Dec 28, 2025Updated 5 months ago
- ☆377Feb 23, 2024Updated 2 years ago
- Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods.☆108Oct 29, 2022Updated 3 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- Small container runtime for threat detection☆14Apr 13, 2025Updated last year
- yara detection rules for hunting with the threathunting-keywords project☆164May 11, 2025Updated last year
- An SSH honeypot written entirely in Go.☆14Dec 4, 2025Updated 6 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Implementation of bcrypt password hashing scheme☆13Jan 11, 2021Updated 5 years ago
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel☆17Mar 13, 2026Updated 3 months ago
- Lists of Dynamic DNS Domains/FQDNs as well as lists of services/providers that offer free dynamic dns domains.☆13Nov 2, 2021Updated 4 years ago
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- ☆11Apr 21, 2022Updated 4 years ago
- 威胁检测规则集☆15Jul 5, 2019Updated 6 years ago
- Scripts and Modules for forensical analyses of mysql database systems☆23Sep 19, 2014Updated 11 years ago
- A hands-on workshop to learn how to do threat detection and response in AWS.☆11Sep 13, 2021Updated 4 years ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆11Jun 24, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ThreatSeeker: Threat Hunting via Windows Event Logs☆123May 16, 2023Updated 3 years ago
- A script used to query the dehashed API and filter for more useful results☆16Jun 20, 2021Updated 4 years ago
- Contains research.splunk.com site code☆11Apr 10, 2024Updated 2 years ago
- CSV Manager for AWS Security Hub exports SecurityHub findings to a CSV file and allows you to mass-update SecurityHub findings by modifyi…☆18Jul 23, 2025Updated 10 months ago
- automated sticky keys backdoor☆10Feb 12, 2016Updated 10 years ago
- Automated Persistence and Lateral Movement using GCP Patch Management☆16Aug 11, 2022Updated 3 years ago
- ☆14Jul 21, 2024Updated last year