Alternatives and similar repositories for Windows-Threat-Hunting

Users that are interested in Windows-Threat-Hunting are comparing it to the libraries listed below

• EgeBalci / Injector

  View on GitHub
  Simple shellcode injector.
  ☆13Jan 6, 2019Updated 7 years ago
• codeexpress / subdomainrecon

  View on GitHub
  A sub-domain reconnaissance written in golang
  ☆12Jan 11, 2018Updated 8 years ago
• sagarwani / APT32_OceanLotus_ThreatGroup

  View on GitHub
  All in one - Malware + Analysis by Cylance
  ☆11Nov 23, 2018Updated 7 years ago
• 0xph03n1x / eCTHPv2

  View on GitHub
  Collection of scripts and tools related to the eCTHPv2 exam by INE.
  ☆18Jun 12, 2022Updated 3 years ago
• S-RM / HELi

  View on GitHub
  Multicore EVTX to Elasticsearch ingestor for incident responders.
  ☆14May 12, 2021Updated 4 years ago
• EgeBalci / AgentTesla_RCE

  View on GitHub
  AgentTesla botnet C&C RCE exploit.
  ☆16Aug 13, 2019Updated 6 years ago
• svch0stz / TheThreatHuntLibrary

  View on GitHub
  Library of threat hunts to get any user started!
  ☆48Sep 4, 2020Updated 5 years ago
• 0xacb / github-desktop-poc

  View on GitHub
  Github Desktop RCE PoC
  ☆28Dec 4, 2018Updated 7 years ago
• SoulSec / resource-threat-hunting

  View on GitHub
  Repository resource for threat hunter
  ☆158Sep 14, 2018Updated 7 years ago
• olafhartong / detection-sources

  View on GitHub
  ☆53Mar 4, 2019Updated 6 years ago
• slyd0g / SharpRoast-Parser

  View on GitHub
  Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.
  ☆32Feb 28, 2019Updated 6 years ago
• 001SPARTaN / FaceDancer

  View on GitHub
  Playing around with token manipulation in C#.
  ☆29Nov 6, 2019Updated 6 years ago
• SpiderMate / Red-Teaming

  View on GitHub
  Ex-pv8's
  ☆64Aug 28, 2019Updated 6 years ago
• xsuperbug / g0yg0y

  View on GitHub
  ☆27Feb 26, 2016Updated 9 years ago
• IoTPOT / IoTPOT

  View on GitHub
  We implement IoTPOT, a novel honeypot to emulate Telnet services of various IoT devices to analyze ongoing attacks in depth. IoTPOT consi…
  ☆26Sep 4, 2015Updated 10 years ago
• 0xxon / zeek-tls-log-alternative

  View on GitHub
  Zeek scripts that provide an alternative log file logging TLS/SSL traffic
  ☆12May 4, 2021Updated 4 years ago
• OmerYa / Babel-Shellfish

  View on GitHub
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆43Nov 10, 2018Updated 7 years ago
• immunIT / CVE-2018-11759

  View on GitHub
  Proof of concept showing how to exploit the CVE-2018-11759
  ☆40Dec 11, 2018Updated 7 years ago
• YoNixNeXRo / C2Live

  View on GitHub
  Track C2 servers, tools, and botnets over time by framework and location
  ☆43Feb 9, 2025Updated last year
• guardicore / vmware_guest_auth_bypass

  View on GitHub
  Proof of concept of VMSA-2017-0012
  ☆41Jul 27, 2017Updated 8 years ago
• eset / volatility-browserhooks

  View on GitHub
  Volatility Framework plugin to detect various types of hooks as performed by banking Trojans
  ☆40Dec 14, 2018Updated 7 years ago
• Brandon-Everhart / Practical-Malware-Analysis

  View on GitHub
  Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honiq.
  ☆12Oct 28, 2017Updated 8 years ago
• serializingme / gpo-bypass

  View on GitHub
  GPO Bypass is a tool / proof-of-concept that highlights how one can bypass Group Policy enforced policies. It uses Firefox as an example.
  ☆14Jan 28, 2023Updated 3 years ago
• alternat0r / training-basic-malware-analysis

  View on GitHub
  In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…
  ☆12May 25, 2016Updated 9 years ago
• ligulfzhou / how-to-scrapy-bitcoin

  View on GitHub
  scrapy bitcoin scripts
  ☆13Dec 27, 2021Updated 4 years ago
• AdamMOdell / OSINT-equals-star

  View on GitHub
  OSINT=*, Chrome extension that searches all the threat feeds
  ☆11Dec 5, 2021Updated 4 years ago
• west-wind / Spring4Shell-Detection

  View on GitHub
  Lazy SPL to detect Spring4Shell exploitation
  ☆12Jul 8, 2022Updated 3 years ago
• clncln1 / node-ntlm-client

  View on GitHub
  A node.js NTLM client with support for NTLM and NTLMv2 authentication
  ☆10Feb 12, 2024Updated 2 years ago
• r3dg33k / Oneliner-Reverse-Shell-Command-Generator-Script

  View on GitHub
  Reverseshell Generator
  ☆10Dec 13, 2017Updated 8 years ago
• CiscoSE / SnortBlocklistImporter

  View on GitHub
  This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…
  ☆11May 22, 2023Updated 2 years ago
• makitos666 / MFT_Fast_Transcoder

  View on GitHub
  MFT Fast Transcoder is a fast forensic tool to analyze MFT of NTFS partitions.
  ☆12Feb 27, 2023Updated 2 years ago
• sasdf / ctf

  View on GitHub
  My CTF tasks and writeup
  ☆38Dec 6, 2022Updated 3 years ago
• guerilla7 / CyberMoE

  View on GitHub
  A Mixture‑of‑Experts Educational Framework for Adaptive Cybersecurity
  ☆19Feb 8, 2026Updated last week
• frank2 / dumb-malware

  View on GitHub
  No one writes dumb malware anymore. This is a repo for dumb malware.
  ☆10Apr 18, 2017Updated 8 years ago
• qbrusa / Windows-Security-Event-ID-Helper

  View on GitHub
  This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recomman…
  ☆11Mar 2, 2023Updated 2 years ago
• mass-project / mass_server

  View on GitHub
  Malware Analysis and Storage System - Server repository
  ☆12Jul 15, 2022Updated 3 years ago
• Vyiel / RedTeamPets

  View on GitHub
  A collection of handy and specific tools for the Red Teamer
  ☆11Aug 13, 2024Updated last year
• frogh1 / win_pwdump

  View on GitHub
  get windows password ntlm
  ☆11Dec 5, 2019Updated 6 years ago
• aaaddress1 / PowerCursor

  View on GitHub
  Auto Move Your Cursor to the Focused Window while You Alt-Tab or Touchboard for Windows
  ☆10Dec 11, 2024Updated last year