ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.
☆261 · Apr 30, 2026 · Updated last week
Alternatives and similar repositories for agentic-threat-hunting-framework
Users that are interested in agentic-threat-hunting-framework are comparing it to the libraries listed below.
- Menu for Thor scanner lite ☆20 · Oct 24, 2025 · Updated 6 months ago
- ☆62 · Feb 12, 2026 · Updated 2 months ago
- Original PoC for CVE-2023-30367 ☆17 · Jan 4, 2024 · Updated 2 years ago
- Fast Windows post-exploitation wins after initial access. ☆29 · Jan 28, 2026 · Updated 3 months ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo… ☆20 · May 20, 2025 · Updated 11 months ago
- Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, po… ☆55 · Feb 14, 2026 · Updated 2 months ago
- Some of the lab files for the SANS Institute course SEC505: Securing Windows and PowerShell Automation: https://sans.org/sec505 ☆18 · Jun 8, 2017 · Updated 8 years ago
- Bash tool used for proactive detection of malicious activity on macOS systems. ☆38 · Sep 29, 2025 · Updated 7 months ago
- Command and Control that uses NTP as the transport protocol. ☆25 · Jan 29, 2022 · Updated 4 years ago
- 🛡️ Detect and respond to security threats in real-time with God-Eye, an AI-driven tool designed for privacy and local deployment on mult… ☆39 · Updated this week
- Linux and windows privilege escalation cheatsheet ☆11 · May 18, 2023 · Updated 2 years ago
- Ludus range for the Constructing Defense Lab ☆120 · Apr 21, 2026 · Updated 2 weeks ago
- A Windows tool that converts LDIF files to BloodHound CE ☆31 · Dec 20, 2025 · Updated 4 months ago
- A professional Red Team / Pentest tool for assessing the external perimeter of a company in a complete "black box" mode (zero knowledge, … ☆30 · Feb 15, 2026 · Updated 2 months ago
- Use Gemini (1M context, free) inside Claude Desktop and Claude Code. MCP bridge that delegates heavy tasks to Gemini CLI while Claude orc… ☆31 · Apr 13, 2026 · Updated 3 weeks ago
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata. ☆20 · May 9, 2025 · Updated last year
- ☆22 · Jan 31, 2023 · Updated 3 years ago
- A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV outp… ☆321 · Feb 26, 2026 · Updated 2 months ago
- Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE) ☆17 · Nov 24, 2023 · Updated 2 years ago
- AI-powered Windows Event Log analyzer that learns from your feedback. Uses Claude AI with RAG to detect suspicious activity, improve ac… ☆37 · Dec 18, 2025 · Updated 4 months ago
- An interactive mock C2 server ☆17 · Feb 25, 2023 · Updated 3 years ago
- A self-designed, home-made watch intended to tell time in a funky and unique way! ☆23 · Jan 15, 2026 · Updated 3 months ago
- An example of a mis-configured Rails application release under MIT license. ☆21 · Jan 19, 2023 · Updated 3 years ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs. ☆54 · Apr 22, 2025 · Updated last year
- Active C&C Detector ☆156 · Oct 5, 2023 · Updated 2 years ago
- Portable Windows forensic tool for reviewing Firefox-like and Chromium-based browser artifacts, with labeling, search, CLI processing, an… ☆56 · Apr 30, 2026 · Updated last week
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources ☆69 · Dec 2, 2022 · Updated 3 years ago
- ELF Sectional docking payload injector system ☆21 · Jun 28, 2022 · Updated 3 years ago
- Security tools for purple team, AI security, and M365/GWS. Authorized use only. ☆142 · Apr 26, 2026 · Updated 2 weeks ago
- Intelligent caching proxy for web scraping with SSL bumping, upstream proxy routing, and a web-based management interface. ☆38 · Jan 10, 2026 · Updated 4 months ago
- A Claude Code Notification hook for MacOS that displays a toast message when Claude Code is waiting for the user to respond. ☆17 · Jul 22, 2025 · Updated 9 months ago
- Repository for CoSAI workstream 2, Preparing Defenders for a Changing Cybersecurity Landscape ☆56 · Apr 30, 2026 · Updated last week
- PowerShell tools to help defenders hunt smarter, hunt harder. ☆480 · Oct 29, 2025 · Updated 6 months ago
- ☆28 · Feb 5, 2024 · Updated 2 years ago
- my MSTICpy practice and custom tools repository ☆11 · Apr 23, 2025 · Updated last year
- A suite of tools to disrupt campaigns using the Sliver C2 framework. ☆283 · Aug 5, 2023 · Updated 2 years ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam ☆27 · Jul 4, 2024 · Updated last year
- Convert Sigma rules to SIEM queries, directly in your browser. ☆114 · Updated this week
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes. ☆267 · Sep 23, 2025 · Updated 7 months ago