Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
☆81 · Apr 27, 2024 · Updated 2 years ago
Alternatives and similar repositories for CTI
Users that are interested in CTI are comparing it to the libraries listed below.
- CarbonBlack EDR detection rules and response actions ☆73 · Sep 10, 2024 · Updated last year
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de… ☆821 · Apr 18, 2026 · Updated last month
- ☆138 · Apr 20, 2023 · Updated 3 years ago
- ☆170 · Sep 30, 2025 · Updated 8 months ago
- Slides and Codes used for the workshop Red Team Infrastructure Automation ☆193 · Apr 14, 2024 · Updated 2 years ago
- Active C&C Detector ☆156 · Oct 5, 2023 · Updated 2 years ago
- Click Once + App Domain ☆68 · Feb 23, 2026 · Updated 3 months ago
- This Python script performs a number of sqlite queries (mainly password metadata) against sqlite databases (Created by ROADtools) to prov… ☆22 · Jul 3, 2024 · Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder. ☆35 · Mar 1, 2023 · Updated 3 years ago
- Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen. ☆670 · Jun 14, 2023 · Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection… ☆734 · Apr 2, 2026 · Updated 2 months ago
- Manage attack surface data on Elasticsearch ☆26 · Nov 20, 2023 · Updated 2 years ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. ☆54 · Oct 23, 2024 · Updated last year
- AAD related enumeration in Nim ☆131 · Sep 7, 2023 · Updated 2 years ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE… ☆1,219 · Jun 2, 2026 · Updated last week
- ☆61 · Jun 24, 2023 · Updated 2 years ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎 ☆33 · Aug 16, 2023 · Updated 2 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege ☆227 · Nov 23, 2023 · Updated 2 years ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca… ☆328 · Oct 12, 2025 · Updated 7 months ago
- F-Secure Lightweight Acquisition for Incident Response (FLAIR) ☆16 · Jul 5, 2021 · Updated 4 years ago
- ☆16 · Jan 9, 2025 · Updated last year
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries. ☆35 · Jul 23, 2024 · Updated last year
- A proof-of-concept C2 channel through DuckDuckGo's image proxy service ☆76 · Nov 12, 2023 · Updated 2 years ago
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt… ☆1,707 · May 22, 2026 · Updated 2 weeks ago
- SQL, IIS, Oh My... ☆21 · Feb 24, 2025 · Updated last year
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks). ☆57 · Oct 10, 2022 · Updated 3 years ago
- What's the Red Team doing to my Linux Box? - BSides Vienna 2024 ☆17 · Nov 23, 2024 · Updated last year
- Scripts and a short guide for using them to tier an Active Directory. Made for BSides Copenhagen 2024 ☆40 · Oct 20, 2025 · Updated 7 months ago
- An Azure Exploitation Toolkit for Red Team & Pentesters ☆169 · May 6, 2023 · Updated 3 years ago
- Can you pay the ransom in your country? ☆14 · Dec 18, 2023 · Updated 2 years ago
- An open-source self-hosted purple team management web application. ☆307 · Feb 15, 2026 · Updated 3 months ago
- ☆33 · Dec 10, 2024 · Updated last year
- Local & remote Windows DLL Proxying ☆173 · Jun 17, 2024 · Updated last year
- Enables an LLM to remotely & securely control a jumphost using synchronous or asynchronous GET requests. ☆12 · Mar 14, 2025 · Updated last year
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit… ☆847 · Feb 23, 2026 · Updated 3 months ago
- A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs. ☆628 · Jan 2, 2025 · Updated last year
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… ☆845 · Jun 3, 2026 · Updated last week
- Automatic detection engineering technical state compliance ☆55 · Jul 7, 2024 · Updated last year