Alternatives and similar repositories for SecuritySnacks

Users that are interested in SecuritySnacks are comparing it to the libraries listed below

• Permiso-io-tools / DetentionDodger
  ☆17Updated 9 months ago
• dobin / DetonatorAgent
  Detonate malware on VMs and get logs & detection status
  ☆65Updated last week
• adulau / HHHash
  HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.
  ☆79Updated 2 years ago
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆53Updated last year
• brokensound77 / LoFP
  Living off the False Positive!
  ☆40Updated 9 months ago
• sketchymoose / workslikeaJARM
  Method of finding interesting domains using keywords + JARMs
  ☆13Updated 2 years ago
• cedowens / Helpful_aws-scripts
  python3 scripts to help with aws triage needs
  ☆15Updated 3 years ago
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆70Updated 3 years ago
• 0xThiebaut / Signatures
  🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
  ☆21Updated last year
• matthw / malware_analysis
  ☆18Updated last year
• stairwell-inc / threat-research
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆23Updated last year
• ail-project / ail-yara-rules
  A set of YARA rules for the AIL framework to detect leak or information disclosure
  ☆40Updated 9 months ago
• password123456 / CertVerify
  A scanner that files with compromised or untrusted code signing certificates written in python.
  ☆64Updated 2 years ago
• 0xThiebaut / PCAPeek
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆25Updated 2 years ago
• cedowens / JXA-Runner
  Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary.
  ☆24Updated 4 years ago
• silverfort-open-source / latma
  ☆80Updated 2 years ago
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated this week
• RustyNoob-619 / 100-Days-of-YARA-2024
  ☆19Updated last year
• airbus-seclab / nbutools
  Tools for offensive security of NetBackup infrastructures
  ☆42Updated 2 years ago
• therealunicornsecurity / tricard
  Tricard - Malware Sandbox Fingerprinting
  ☆22Updated last year
• Hexastrike / LockBit-Database-Leak-2025
  Structured CSVs and table schemas extracted from the 29-April-2025 LockBit affiliate-panel database leak.
  ☆28Updated 6 months ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆74Updated 3 years ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated 2 years ago
• Logisek / CalcOrItDidntHappen
  A curated collection of Living off the Land (LotL) attack demonstrations where trusted binaries go rogue, because if it didn’t launch cal…
  ☆33Updated last month
• closed-systems / strangerstrings
  A little tool to filter the stranger strings from a binary so you can analyze the good ones
  ☆51Updated 2 months ago
• DODC / turncoat
  ☆42Updated 7 months ago
• k3idii / CobaltStrike-Tools
  Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...
  ☆29Updated 2 years ago
• ruppde / yara_rules
  Yara rules
  ☆22Updated 2 years ago
• cedowens / Persistent-Swift
  A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist…
  ☆34Updated 4 years ago
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆60Updated 2 years ago