Threat hunting repo for my independent study on threat hunting with OSQuery
☆27Jan 16, 2018Updated 8 years ago
Alternatives and similar repositories for ThreatWaffle
Users that are interested in ThreatWaffle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Recon Hunt Queries☆79May 16, 2021Updated 4 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- Collaborative, web-based case management for incident response☆24Jan 23, 2024Updated 2 years ago
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.☆58Mar 18, 2022Updated 4 years ago
- ☆19Aug 2, 2020Updated 5 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Linux and Windows Hardening Points☆12Mar 6, 2018Updated 8 years ago
- ☆18May 23, 2024Updated last year
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆45Aug 17, 2020Updated 5 years ago
- Windows version of honeybits - a PoC tool to create breadcrumbs and honeytokens, to lead the attackers to your honeypots!☆25Jun 19, 2017Updated 8 years ago
- Passivedns monitor implementation in Rust.☆12Apr 21, 2016Updated 9 years ago
- Bro analyzer that detects Google's QUIC protocol☆10Mar 2, 2021Updated 5 years ago
- Workflows for Shuffle☆24Oct 26, 2022Updated 3 years ago
- A shell script to download malware domains from various sources, and configuring unbound DNS config file to be used as a local recursive …☆19Sep 12, 2014Updated 11 years ago
- Security Logon Event Analysis Tools - a collection of scripts for collecting, parsing, and analyzing logon events from Windows Security L…☆16Jun 22, 2016Updated 9 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- A collection of infosec related scripts and information.☆54Oct 2, 2024Updated last year
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Feb 11, 2026Updated last month
- FRAC and RIFT☆17Mar 16, 2019Updated 7 years ago
- A bash script to create a persistent port mirror for an IDS within a Proxmox hypervisor☆22Sep 4, 2018Updated 7 years ago
- ☆168Jan 20, 2021Updated 5 years ago
- pySigma Cookiecutter backend template☆24Sep 17, 2025Updated 6 months ago
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 10 years ago
- Modular command-line threat hunting tool & framework.☆17Jul 20, 2020Updated 5 years ago
- Analyst tool for creating pivot maps of data sources☆16Sep 11, 2017Updated 8 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A Go implementation and parser for Sigma rules.☆97May 15, 2025Updated 10 months ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆168Dec 10, 2018Updated 7 years ago
- ☆33Jun 12, 2024Updated last year
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆65Oct 31, 2017Updated 8 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma…☆16Dec 3, 2020Updated 5 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆252Jul 19, 2021Updated 4 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- A preconfigured Velociraptor triage collector☆76Mar 2, 2026Updated 3 weeks ago
- Registry timestamp manipulation☆18Feb 26, 2014Updated 12 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Data from a BRAWL Automated Adversary Emulation Exercise☆212Oct 2, 2020Updated 5 years ago
- ☆15Oct 9, 2021Updated 4 years ago
- Simple script to generate commands to achieve reverse shells.☆12Aug 12, 2019Updated 6 years ago
- A tool for recursively scanning websites for defacements☆10Nov 22, 2022Updated 3 years ago
- Understanding ATT&CK Matrix for Enterprise☆79May 16, 2018Updated 7 years ago
- brostash: Linux distribution based on Debian and focusing on network security events collection☆33Aug 30, 2020Updated 5 years ago
- LLM-Powered Code Security Scanning☆21Apr 2, 2025Updated 11 months ago