Threat hunting repo for my independent study on threat hunting with OSQuery
☆27Jan 16, 2018Updated 8 years ago
Alternatives and similar repositories for ThreatWaffle
Users that are interested in ThreatWaffle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Recon Hunt Queries☆79May 16, 2021Updated 4 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- Collaborative, web-based case management for incident response☆24Jan 23, 2024Updated 2 years ago
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.☆57Mar 18, 2022Updated 4 years ago
- ☆19Aug 2, 2020Updated 5 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Linux and Windows Hardening Points☆12Mar 6, 2018Updated 8 years ago
- ☆18May 23, 2024Updated last year
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆45Aug 17, 2020Updated 5 years ago
- Windows version of honeybits - a PoC tool to create breadcrumbs and honeytokens, to lead the attackers to your honeypots!☆24Jun 19, 2017Updated 8 years ago
- Passivedns monitor implementation in Rust.☆12Apr 21, 2016Updated 10 years ago
- Bro analyzer that detects Google's QUIC protocol☆11Mar 2, 2021Updated 5 years ago
- Workflows for Shuffle☆25Oct 26, 2022Updated 3 years ago
- A shell script to download malware domains from various sources, and configuring unbound DNS config file to be used as a local recursive …☆19Sep 12, 2014Updated 11 years ago
- A collection of infosec related scripts and information.☆54Oct 2, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Security Logon Event Analysis Tools - a collection of scripts for collecting, parsing, and analyzing logon events from Windows Security L…☆16Jun 22, 2016Updated 9 years ago
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Updated this week
- FRAC and RIFT☆17Mar 16, 2019Updated 7 years ago
- A bash script to create a persistent port mirror for an IDS within a Proxmox hypervisor☆22Sep 4, 2018Updated 7 years ago
- ☆168Jan 20, 2021Updated 5 years ago
- pySigma Cookiecutter backend template☆24Sep 17, 2025Updated 7 months ago
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 11 years ago
- Modular command-line threat hunting tool & framework.☆17Jul 20, 2020Updated 5 years ago
- Analyst tool for creating pivot maps of data sources☆16Sep 11, 2017Updated 8 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A Go implementation and parser for Sigma rules.☆99May 15, 2025Updated 11 months ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆169Dec 10, 2018Updated 7 years ago
- ☆34Jun 12, 2024Updated last year
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆65Oct 31, 2017Updated 8 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma…☆16Dec 3, 2020Updated 5 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆251Jul 19, 2021Updated 4 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- A preconfigured Velociraptor triage collector☆76Updated this week
- Registry timestamp manipulation☆18Feb 26, 2014Updated 12 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆15Oct 9, 2021Updated 4 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise☆212Oct 2, 2020Updated 5 years ago
- Simple script to generate commands to achieve reverse shells.☆12Aug 12, 2019Updated 6 years ago
- A tool for recursively scanning websites for defacements☆10Nov 22, 2022Updated 3 years ago
- brostash: Linux distribution based on Debian and focusing on network security events collection☆33Aug 30, 2020Updated 5 years ago
- LLM-Powered Code Security Scanning☆21Apr 2, 2025Updated last year
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago