ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.
☆308 · Jun 24, 2026 · Updated this week
Alternatives and similar repositories for agentic-threat-hunting-framework
Users that are interested in agentic-threat-hunting-framework are comparing it to the libraries listed below.
- ☆61 · Feb 12, 2026 · Updated 4 months ago
- Original PoC for CVE-2023-30367 ☆17 · Jan 4, 2024 · Updated 2 years ago
- Command and Control Framework using powershell implants ☆36 · Jun 17, 2025 · Updated last year
- Fast Windows post-exploitation wins after initial access. ☆29 · Jan 28, 2026 · Updated 5 months ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo… ☆20 · May 20, 2025 · Updated last year
- Some of the lab files for the SANS Institute course SEC505: Securing Windows and PowerShell Automation: https://sans.org/sec505 ☆18 · Jun 8, 2017 · Updated 9 years ago
- Bash tool used for proactive detection of malicious activity on macOS systems. ☆39 · Sep 29, 2025 · Updated 8 months ago
- Command and Control that uses NTP as the transport protocol. ☆25 · Jan 29, 2022 · Updated 4 years ago
- ☆10 · Sep 12, 2024 · Updated last year
- Ludus range for the Constructing Defense Lab ☆122 · Apr 21, 2026 · Updated 2 months ago
- A Windows tool that converts LDIF files to BloodHound CE ☆32 · Dec 20, 2025 · Updated 6 months ago
- A professional Red Team / Pentest tool for assessing the external perimeter of a company in a complete "black box" mode (zero knowledge, … ☆29 · Feb 15, 2026 · Updated 4 months ago
- Use Gemini (1M context, free) inside Claude Desktop and Claude Code. MCP bridge that delegates heavy tasks to Gemini CLI while Claude orc… ☆33 · Apr 13, 2026 · Updated 2 months ago
- ☆22 · Jan 31, 2023 · Updated 3 years ago
- Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE) ☆17 · Nov 24, 2023 · Updated 2 years ago
- A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV outp… ☆329 · Feb 26, 2026 · Updated 4 months ago
- AI-powered Windows Event Log analyzer that learns from your feedback. Uses Claude AI with RAG to detect suspicious activity, improve ac… ☆37 · Dec 18, 2025 · Updated 6 months ago
- An interactive mock C2 server ☆17 · Feb 25, 2023 · Updated 3 years ago
- A self-designed, home-made watch intended to tell time in a funky and unique way! ☆23 · Jan 15, 2026 · Updated 5 months ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects… ☆45 · Nov 7, 2020 · Updated 5 years ago
- An example of a mis-configured Rails application release under MIT license. ☆21 · Jan 19, 2023 · Updated 3 years ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs. ☆55 · Apr 22, 2025 · Updated last year
- Burpsuite Extension for Jsmon ☆25 · Updated this week
- Active C&C Detector ☆156 · Oct 5, 2023 · Updated 2 years ago
- Portable Windows forensic tool for reviewing Firefox-like and Chromium-based browser artifacts, with labeling, search, CLI processing, an… ☆57 · May 10, 2026 · Updated last month
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources ☆70 · Dec 2, 2022 · Updated 3 years ago
- ELF Sectional docking payload injector system ☆21 · Jun 28, 2022 · Updated 4 years ago
- Repository for CoSAI workstream 2, Preparing Defenders for a Changing Cybersecurity Landscape ☆63 · Jun 1, 2026 · Updated 3 weeks ago
- Intelligent caching proxy for web scraping with SSL bumping, upstream proxy routing, and a web-based management interface. ☆40 · Jan 10, 2026 · Updated 5 months ago
- PowerShell tools to help defenders hunt smarter, hunt harder. ☆486 · Oct 29, 2025 · Updated 7 months ago
- ☆75 · May 2, 2026 · Updated last month
- Deploy customizable Active Directory labs in Azure - automatically. ☆426 · Dec 5, 2024 · Updated last year
- my MSTICpy practice and custom tools repository ☆11 · Apr 23, 2025 · Updated last year
- A suite of tools to disrupt campaigns using the Sliver C2 framework. ☆283 · Aug 5, 2023 · Updated 2 years ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam ☆28 · Jul 4, 2024 · Updated last year
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes. ☆273 · Sep 23, 2025 · Updated 9 months ago
- Repository for SPEED SIEM Use Case Framework ☆60 · May 2, 2020 · Updated 6 years ago
- Automated Cloud Misconfiguration Testing ☆25 · Jun 20, 2025 · Updated last year
- ☆74 · Jan 18, 2026 · Updated 5 months ago