Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
☆26Jul 27, 2020Updated 5 years ago
Alternatives and similar repositories for soc-threat-hunting
Users that are interested in soc-threat-hunting are comparing it to the libraries listed below
Sorting:
- Tools for hunting security threats☆12Feb 4, 2020Updated 6 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- Use DNS to hunt for threats including DGAs☆15Jan 4, 2016Updated 10 years ago
- Threat Detection System using Hybrid (Machine Learning + Lexical Analysis) learning Approach.☆11May 30, 2017Updated 8 years ago
- ☆16Aug 29, 2025Updated 6 months ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 3 years ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23May 23, 2022Updated 3 years ago
- Presentation materials for talks I've given.☆20Oct 14, 2019Updated 6 years ago
- Collection of Malware Lures☆23Oct 8, 2021Updated 4 years ago
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.☆25Oct 14, 2024Updated last year
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch)☆19Jun 2, 2021Updated 4 years ago
- ☆20May 10, 2023Updated 2 years ago
- VirusTotal SIEM Integration and Automation☆18Jan 16, 2017Updated 9 years ago
- A curated list of resources to deep dive into the intersection of applied machine learning and threat detection.☆19Sep 23, 2020Updated 5 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆96Apr 13, 2022Updated 3 years ago
- Mirror network traffic from one interface to another on Windows☆25Feb 26, 2020Updated 6 years ago
- Reference sheet for Threat Hunting Professional Course☆26Mar 10, 2019Updated 7 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆57Jan 10, 2018Updated 8 years ago
- A CALDERA plugin☆27Feb 24, 2026Updated 2 weeks ago
- Powershell collection designed to assist in Threat Hunting Windows systems.☆27Apr 13, 2018Updated 7 years ago
- A triage data collection script for macOS☆29Nov 27, 2020Updated 5 years ago
- ☆27Jun 17, 2021Updated 4 years ago
- ☆28Feb 7, 2021Updated 5 years ago
- ☆13Jul 13, 2020Updated 5 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34May 17, 2021Updated 4 years ago
- One Day of Python for SaintCon 2022☆11Jan 3, 2023Updated 3 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆72Jul 21, 2021Updated 4 years ago
- Detect-X Automated Threat Detection by AI☆32Oct 10, 2019Updated 6 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆39Dec 17, 2025Updated 2 months ago
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …☆41Sep 6, 2022Updated 3 years ago
- ☆82Jun 27, 2021Updated 4 years ago
- Azure Deployment Templates for Mandiant Managed Huning☆12Jun 1, 2023Updated 2 years ago
- My modern disassemblies of paleolithic (DOS-era) malware!☆13Feb 7, 2026Updated last month
- ☆10Aug 9, 2024Updated last year
- Numerous fork bombs in popular programming langs ...☆10May 25, 2017Updated 8 years ago
- ☆78Sep 29, 2025Updated 5 months ago
- Website crawler with YARA detection☆89Aug 20, 2023Updated 2 years ago