THOR MITRE ATT&CK Framework Coverage
☆25Jun 15, 2020Updated 5 years ago
Alternatives and similar repositories for thor_attck
Users that are interested in thor_attck are comparing it to the libraries listed below
Sorting:
- Simple SYSLOG client in Go☆22Jun 5, 2025Updated 8 months ago
- THOR Thunderstorm Collectors☆25Feb 24, 2026Updated last week
- Fast IOC and YARA Scanner☆90Mar 23, 2020Updated 5 years ago
- Valhalla API Client☆70Jan 19, 2026Updated last month
- Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana☆10Aug 17, 2018Updated 7 years ago
- Simplified go-cat agent for caldera☆11Dec 18, 2023Updated 2 years ago
- Carving tool based in Radare2 & Yara☆16Oct 30, 2018Updated 7 years ago
- SmartResponse plugin development.☆15Sep 25, 2019Updated 6 years ago
- THOR APT Scanner User Manual☆20Jan 30, 2026Updated last month
- Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.☆16Jan 28, 2020Updated 6 years ago
- Carving tool based in Radare2 & Yara☆17Oct 30, 2018Updated 7 years ago
- A curated list of awesome YARA rules, tools, and people.☆33Oct 26, 2023Updated 2 years ago
- Repository collecting and automagically processing public threat intelligence reports.☆18May 1, 2020Updated 5 years ago
- Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.☆23Dec 13, 2018Updated 7 years ago
- "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protecti…☆14Mar 4, 2017Updated 8 years ago
- Manufacturer Usage Description (MUD) is a technique whereby constrained end devices (e.g., IoT devices) can signal to the network what so…☆25Jul 5, 2021Updated 4 years ago
- Low-interaction Postgres Honeypot��☆20May 20, 2024Updated last year
- IoC's, PCRE's, YARA's etc☆23Mar 25, 2025Updated 11 months ago
- Documentation used for Shuffle☆21Updated this week
- Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation☆21Jul 4, 2017Updated 8 years ago
- Welcome to the NCC Group Threat Intelligence Alert repo, here you will find the alerts which we have raised to our customers regarding in…☆25Feb 6, 2023Updated 3 years ago
- Puma Prey contains vulnerable .NET target applications to test the Puma Scan rules against. This project contains Web Forms, MVC5, and Co…☆21Aug 26, 2025Updated 6 months ago
- WebAMS is an Open Source web application for reporting and resolving incidents or tickets☆10Dec 11, 2022Updated 3 years ago
- ATT&CK Remote Threat Hunting Incident Response☆206Dec 8, 2024Updated last year
- SigmaHQ pySigma CrowdStrike processing pipeline☆27Nov 30, 2025Updated 3 months ago
- a open source rat from china☆26Oct 28, 2016Updated 9 years ago
- Workflows for Shuffle☆24Oct 26, 2022Updated 3 years ago
- A collection of typical false positive indicators☆56Dec 5, 2020Updated 5 years ago
- Kibana 6 Templates for Suricata IDPS Threat Hunting☆24Mar 5, 2019Updated 6 years ago
- Security conferences talks☆25Jul 10, 2020Updated 5 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Jul 21, 2020Updated 5 years ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆31Jul 12, 2023Updated 2 years ago
- ☆24Feb 2, 2026Updated last month
- A working client implementation for AlienVault OTX API written in Golang!☆64Oct 28, 2021Updated 4 years ago
- Demisto Client for Python☆72Jan 12, 2026Updated last month
- A CALDERA plugin☆27Feb 24, 2026Updated last week
- Repository of yara rules☆60Nov 29, 2022Updated 3 years ago
- Community modules for FAME☆65Dec 16, 2025Updated 2 months ago
- Caldera plugin to deploy "humans" to emulate user behavior on systems☆31Apr 26, 2024Updated last year