Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
☆82Apr 27, 2024Updated 2 years ago
Alternatives and similar repositories for CTI
Users that are interested in CTI are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- CarbonBlack EDR detection rules and response actions☆73Sep 10, 2024Updated last year
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆820Apr 18, 2026Updated last week
- ☆138Apr 20, 2023Updated 3 years ago
- ☆170Sep 30, 2025Updated 7 months ago
- Slides and Codes used for the workshop Red Team Infrastructure Automation☆193Apr 14, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Active C&C Detector☆156Oct 5, 2023Updated 2 years ago
- Click Once + App Domain☆67Feb 23, 2026Updated 2 months ago
- This python script performs a number of sqlite queries (mainly password metadata) against sqlite databases (Created by ROADtools) to prov…☆22Jul 3, 2024Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Mar 1, 2023Updated 3 years ago
- Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.☆668Jun 14, 2023Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection…☆730Apr 2, 2026Updated 3 weeks ago
- Manage attack surface data on Elasticsearch☆26Nov 20, 2023Updated 2 years ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆53Oct 23, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆1,218Dec 29, 2025Updated 4 months ago
- ☆60Jun 24, 2023Updated 2 years ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆326Oct 12, 2025Updated 6 months ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆33Aug 16, 2023Updated 2 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆227Nov 23, 2023Updated 2 years ago
- F-Secure Lightweight Acqusition for Incident Response (FLAIR)☆16Jul 5, 2021Updated 4 years ago
- ☆16Jan 9, 2025Updated last year
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆34Jul 23, 2024Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…☆1,687Apr 13, 2026Updated 2 weeks ago
- A proof-of-concept C2 channel through DuckDuckGo's image proxy service☆76Nov 12, 2023Updated 2 years ago
- SQL, IIS, Oh My...☆22Feb 24, 2025Updated last year
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆57Oct 10, 2022Updated 3 years ago
- What's the Red Team doing to my Linux Box? - BSides Vienna 2024☆16Nov 23, 2024Updated last year
- Scripts and a short guide for using them to tier an Active Directory. Made for BSides Copenhagen 2024☆39Oct 20, 2025Updated 6 months ago
- A Azure Exploitation Toolkit for Red Team & Pentesters☆169May 6, 2023Updated 2 years ago
- Can you pay the ransom in your country?☆14Dec 18, 2023Updated 2 years ago
- An open-source self-hosted purple team management web application.☆304Feb 15, 2026Updated 2 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆33Dec 10, 2024Updated last year
- Local & remote Windows DLL Proxying☆174Jun 17, 2024Updated last year
- Enables an LLM to remotely & securely control a jumphost using synchronous or asynchronous GET requests.☆12Mar 14, 2025Updated last year
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…☆845Feb 23, 2026Updated 2 months ago
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…☆826Updated this week
- Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports☆163Updated this week
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆625Jan 2, 2025Updated last year