Alternatives and similar repositories for ttp0_community_templates

Users that are interested in ttp0_community_templates are comparing it to the libraries listed below

• frikky / WALKOFF

  View on GitHub
  A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, t…
  ☆12Nov 23, 2022Updated 3 years ago
• TTP0 / info

  View on GitHub
  Public Landing Page
  ☆16Jan 7, 2023Updated 3 years ago
• swannman / ircapabilities

  View on GitHub
  Incident Response Hierarchy of Needs
  ☆470Apr 19, 2023Updated 2 years ago
• joesecurity / DocBleachShell

  View on GitHub
  DocBleachShell is the integration of the great DocBleach, https://github.com/docbleach/DocBleach Content Disarm and Reconstruction tool i…
  ☆21Jan 15, 2022Updated 4 years ago
• arpitn30 / nipper-ng

  View on GitHub
  Automatically exported from code.google.com/p/nipper-ng
  ☆73Jun 28, 2022Updated 3 years ago
• woanware / TargetAnalyser

  View on GitHub
  Tool for analysts to perform simultaneous lookups (IP, Domain, URL, MD5) against multiple data sources
  ☆29Jan 27, 2017Updated 9 years ago
• Foundstone / ExpertInvestigationGuides

  View on GitHub
  Expert Investigation Guides
  ☆51Mar 18, 2021Updated 4 years ago
• SadProcessor / EzETW

  View on GitHub
  Cmdlets for capturing Windows Events
  ☆14Mar 11, 2022Updated 3 years ago
• OSLockdown / OSLockdown

  View on GitHub
  OS Lockdown
  ☆13Nov 21, 2017Updated 8 years ago
• MarkBaggett / freq

  View on GitHub
  This is a repository for freq.py and freq_server.py
  ☆214Feb 1, 2026Updated last week
• randomaccess3 / 4n6_stuff

  View on GitHub
  Git for me to put all my forensics stuff
  ☆23Sep 2, 2025Updated 5 months ago
• haidermdost / Threat-Detection-Maturity-Framework

  View on GitHub
  ☆18Sep 13, 2021Updated 4 years ago
• bsi-group / officefileinfo

  View on GitHub
  officefileinfo is a python script to help analyse the newer Microsoft Office file formats. There are numerous tools for dealing with the …
  ☆16Apr 28, 2016Updated 9 years ago
• d3sre / Use_Case_Applicability

  View on GitHub
  Security Monitoring Resolution Categories
  ☆138Nov 25, 2021Updated 4 years ago
• YARA-Silly-Silly / yarasilly2

  View on GitHub
  Automatic generation of YARA rules from sample files.
  ☆28Apr 10, 2025Updated 10 months ago
• Robicus / gse-study

  View on GitHub
  The gse-study repo was assembled to serve as a consolidated, and comprehensive, study solution for the SANS GSE exam.
  ☆25Nov 11, 2018Updated 7 years ago
• gcrahay / otx_misp

  View on GitHub
  Imports Alienvault OTX pulses to a MISP instance
  ☆53Sep 29, 2021Updated 4 years ago
• bsi-group / dumpntds

  View on GitHub
  Speeds up the extraction of password hashes from ntds.dit files. For use with the ntdsxtract project or the dshash script
  ☆27Feb 1, 2024Updated 2 years ago
• sans-blue-team / sec530-wiki

  View on GitHub
  ☆56Jun 12, 2021Updated 4 years ago
• sfakiana / FIRST-CTI-2019

  View on GitHub
  References for FIRST CTI 2019 Symposium presentation
  ☆23Mar 19, 2019Updated 6 years ago
• m4nbat / KustQueryLanguage_kql

  View on GitHub
  Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting
  ☆68Dec 7, 2025Updated 2 months ago
• olafhartong / WDACme

  View on GitHub
  A WDAC configuration repository with the sole intention of enriching MDE
  ☆30Jun 18, 2025Updated 7 months ago
• Antonlovesdnb / SANSTHS2021

  View on GitHub
  Hunting Malicious Macros SANS Threathunting Summit 2021 Materials
  ☆39Oct 9, 2021Updated 4 years ago
• StrangeBeeCorp / thehive-templates

  View on GitHub
  ☆28Nov 25, 2025Updated 2 months ago
• hosom / bro-otx

  View on GitHub
  Integrate Zeek with Alienvault OTX
  ☆25Sep 11, 2020Updated 5 years ago
• MathildeVenault / SysMainView

  View on GitHub
  This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …
  ☆33Nov 2, 2020Updated 5 years ago
• socprime / the-prime-hunt

  View on GitHub
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77May 21, 2024Updated last year
• ANSSI-FR / orc2timeline

  View on GitHub
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Jun 27, 2025Updated 7 months ago
• 0x4D31 / santamon

  View on GitHub
  Lightweight macOS detection agent built on Santa’s Endpoint Security telemetry.
  ☆105Dec 3, 2025Updated 2 months ago
• Concinnity-Risks / LogisticalBudget

  View on GitHub
  This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…
  ☆35Feb 27, 2019Updated 6 years ago
• MISP / intelligence-icons

  View on GitHub
  intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu…
  ☆41Mar 17, 2019Updated 6 years ago
• jeffbryner / NBDServer

  View on GitHub
  Network Block Device Server for windows with a DFIR/forensic focus.
  ☆96Mar 31, 2017Updated 8 years ago
• maurermj08 / efetch

  View on GitHub
  Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer.
  ☆39Apr 11, 2020Updated 5 years ago
• dropbox / groupy

  View on GitHub
  Grouper Python Client Library
  ☆10Apr 18, 2023Updated 2 years ago
• 00010111 / smbtimeline

  View on GitHub
  ☆35Oct 20, 2024Updated last year
• Cyberlorians / Workbooks

  View on GitHub
  ☆36Nov 11, 2025Updated 3 months ago
• bromiley / pollen

  View on GitHub
  pollen - A command-line tool for interacting with TheHive
  ☆36Jun 6, 2019Updated 6 years ago
• randomaccess3 / googleURLParser

  View on GitHub
  parser for Google search strings
  ☆40Sep 14, 2019Updated 6 years ago
• njahrckstr / Windows_Kernel_Sploit_List

  View on GitHub
  ☆36Jul 11, 2018Updated 7 years ago