Alternatives and similar repositories for ThreatHuntingJupyterNotebooks

Users that are interested in ThreatHuntingJupyterNotebooks are comparing it to the libraries listed below

• MII-Cybersec / Threat-Hunting-Notebook

  View on GitHub
  Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes
  ☆22Jun 15, 2022Updated 3 years ago
• The-DFIR-Report / Suricata-Rules

  View on GitHub
  ☆11Jun 12, 2023Updated 2 years ago
• Cyb3r-Monk / Cheat-Sheets

  View on GitHub
  Cheat sheets for threat hunting, detection and other stuff.
  ☆34Oct 7, 2022Updated 3 years ago
• analyzeDFIR / analyzePF

  View on GitHub
  Tool for analysis of Windows Prefetch files
  ☆26Nov 11, 2018Updated 7 years ago
• ashwin-patil / threat-hunting-with-notebooks

  View on GitHub
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆69Dec 2, 2022Updated 3 years ago
• Azure / forensics

  View on GitHub
  ☆12Feb 9, 2025Updated last year
• JPCERTCC / QuasarRAT-Analysis

  View on GitHub
  QuasarRAT analysis tools and research report
  ☆29Dec 22, 2023Updated 2 years ago
• hardwaterhacker / i_want_my_eip

  View on GitHub
  Resources for I Want My EIP, presented at Derbycon 2017
  ☆11Sep 23, 2017Updated 8 years ago
• McL0vinn / Windows-Forensic-Examination-and-Threat-Hunting

  View on GitHub
  Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…
  ☆14Aug 15, 2022Updated 3 years ago
• StrangerealIntel / DeltaFlare

  View on GitHub
  ☆12Jun 29, 2021Updated 4 years ago
• Cyb3r-Monk / RITA-J

  View on GitHub
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆207Jul 21, 2022Updated 3 years ago
• MalwareArchaeology / ARTHIR

  View on GitHub
  ATT&CK Remote Threat Hunting Incident Response
  ☆206Dec 8, 2024Updated last year
• SophosRapidResponse / OSQuery

  View on GitHub
  ☆88Mar 7, 2025Updated 11 months ago
• securycore / ThreatHunting

  View on GitHub
  Powershell collection designed to assist in Threat Hunting Windows systems.
  ☆27Apr 13, 2018Updated 7 years ago
• nccgroup / UninstalledAppCanary

  View on GitHub
  A Canary which fires when uninstalled
  ☆34Mar 16, 2021Updated 4 years ago
• Starke427 / Windows-Security-Policy

  View on GitHub
  Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.
  ☆14Aug 22, 2020Updated 5 years ago
• brokensound77 / toruk

  View on GitHub
  Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data
  ☆13Jul 16, 2019Updated 6 years ago
• filescanio / fsCommunity

  View on GitHub
  Collection of scripts / samples / snippits around the community service at www.filescan.io
  ☆15Nov 6, 2025Updated 3 months ago
• michaeljgoodman / Dumpulator-IDA

  View on GitHub
  Currently proof-of-concept
  ☆17Dec 17, 2021Updated 4 years ago
• swisscom / detections

  View on GitHub
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Nov 27, 2020Updated 5 years ago
• cado-security / CloudAndContainerCompromiseSimulator

  View on GitHub
  Simulates a compromise in a cloud and container environment
  ☆33Dec 18, 2024Updated last year
• Prelude-SIEM / Prelude-SIEM

  View on GitHub
  The official Prelude SIEM GitHub of https://www.prelude-siem.org
  ☆36Jun 12, 2016Updated 9 years ago
• cisagov / vulnerable-instances

  View on GitHub
  Virtual machines that are set up with a variety of known vulnerabilities.
  ☆17Mar 1, 2022Updated 3 years ago
• Velocidex / regparser

  View on GitHub
  A Golang Registry parser
  ☆19Feb 3, 2025Updated last year
• rj-chap / BaselineTraining

  View on GitHub
  Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk
  ☆13Mar 4, 2019Updated 6 years ago
• mr-r3b00t / OSCP

  View on GitHub
  ☆15Jan 10, 2019Updated 7 years ago
• blueteam0ps / memOptix

  View on GitHub
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆97May 28, 2023Updated 2 years ago
• trustedsec / proxy_helper

  View on GitHub
  Proxy Helper is a WiFi Pineapple module that will automatically configure the Pineapple for use with a proxy such as Burp Suite.
  ☆38Oct 15, 2022Updated 3 years ago
• Malwar3Ninja / Exploitation-of-Log4j2-CVE-2021-44228

  View on GitHub
  IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228
  ☆16Dec 19, 2021Updated 4 years ago
• jupyterj0nes / sabonis

  View on GitHub
  Sabonis, a Digital Forensics and Incident Response pivoting tool
  ☆18Mar 3, 2022Updated 3 years ago
• moaistory / IE10Analyzer

  View on GitHub
  http://moaistory.blogspot.com/2016/08/ie10analyzer.html
  ☆19Jul 20, 2024Updated last year
• CIRCL / PyRichHeader

  View on GitHub
  A Python parser for Rich Headers
  ☆15Jun 2, 2015Updated 10 years ago
• akky2892 / Cyber-Threat-Hunting

  View on GitHub
  Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…
  ☆15May 18, 2019Updated 6 years ago
• brokensound77 / LoFP

  View on GitHub
  Living off the False Positive!
  ☆41Jan 31, 2025Updated last year
• hvs-consulting / ioc_signatures

  View on GitHub
  Repository with selected IOCs and YARA rules for threat hunting.
  ☆35May 21, 2025Updated 8 months ago
• The-DFIR-Report / Sigma-Rules

  View on GitHub
  Rules generated from our investigations.
  ☆204Jun 17, 2025Updated 7 months ago
• tiburon-security / sriracha-iq

  View on GitHub
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Apr 10, 2020Updated 5 years ago
• securesean / Shim-Process-Scanner

  View on GitHub
  Windows x64 Process Scanner to detect application compatability shims
  ☆37Oct 17, 2018Updated 7 years ago
• christophetd / mindmaps

  View on GitHub
  Mindmaps for threat hunting - work in progress.
  ☆152Mar 15, 2022Updated 3 years ago