Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on
☆82 | Apr 27, 2024 | Updated last year
Alternatives and similar repositories for CTI
Users that are interested in CTI are comparing it to the libraries listed below.
- CarbonBlack EDR detection rules and response actions ☆73 | Sep 10, 2024 | Updated last year
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de… ☆819 | Mar 6, 2026 | Updated last month
- ☆137 | Apr 20, 2023 | Updated 2 years ago
- ☆170 | Sep 30, 2025 | Updated 6 months ago
- Slides and code used for the workshop Red Team Infrastructure Automation ☆193 | Apr 14, 2024 | Updated last year
- Active C&C Detector ☆156 | Oct 5, 2023 | Updated 2 years ago
- Click Once + App Domain ☆67 | Feb 23, 2026 | Updated last month
- This Python script performs a number of sqlite queries (mainly password metadata) against sqlite databases (Created by ROADtools) to prov… ☆22 | Jul 3, 2024 | Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder. ☆35 | Mar 1, 2023 | Updated 3 years ago
- Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen. ☆666 | Jun 14, 2023 | Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 | Dec 28, 2021 | Updated 4 years ago
- PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection… ☆728 | Apr 2, 2026 | Updated last week
- Manage attack surface data on Elasticsearch ☆25 | Nov 20, 2023 | Updated 2 years ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. ☆53 | Oct 23, 2024 | Updated last year
- AAD related enumeration in Nim ☆131 | Sep 7, 2023 | Updated 2 years ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE… ☆1,218 | Dec 29, 2025 | Updated 3 months ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca… ☆324 | Oct 12, 2025 | Updated 5 months ago
- ☆60 | Jun 24, 2023 | Updated 2 years ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎 ☆34 | Aug 16, 2023 | Updated 2 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege ☆227 | Nov 23, 2023 | Updated 2 years ago
- F-Secure Lightweight Acquisition for Incident Response (FLAIR) ☆16 | Jul 5, 2021 | Updated 4 years ago
- ☆17 | Jan 9, 2025 | Updated last year
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries. ☆34 | Jul 23, 2024 | Updated last year
- A proof-of-concept C2 channel through DuckDuckGo's image proxy service ☆77 | Nov 12, 2023 | Updated 2 years ago
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt… ☆1,679 | Apr 3, 2026 | Updated last week
- SQL, IIS, Oh My... ☆22 | Feb 24, 2025 | Updated last year
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks). ☆57 | Oct 10, 2022 | Updated 3 years ago
- What's the Red Team doing to my Linux Box? - BSides Vienna 2024 ☆17 | Nov 23, 2024 | Updated last year
- Scripts and a short guide for using them to tier an Active Directory. Made for BSides Copenhagen 2024 ☆39 | Oct 20, 2025 | Updated 5 months ago
- An Azure Exploitation Toolkit for Red Team & Pentesters ☆165 | May 6, 2023 | Updated 2 years ago
- Can you pay the ransom in your country? ☆14 | Dec 18, 2023 | Updated 2 years ago
- An open-source self-hosted purple team management web application. ☆303 | Feb 15, 2026 | Updated last month
- ☆33 | Dec 10, 2024 | Updated last year
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit… ☆843 | Feb 23, 2026 | Updated last month
- Local & remote Windows DLL Proxying ☆174 | Jun 17, 2024 | Updated last year
- Enables an LLM to remotely & securely control a jumphost using synchronous or asynchronous GET requests. ☆13 | Mar 14, 2025 | Updated last year
- A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs. ☆622 | Jan 2, 2025 | Updated last year
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… ☆817 | Updated this week
- Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports ☆162 | Updated this week