Collection of walkthroughs on various threat hunting techniques
☆76 · Aug 3, 2020 · Updated 5 years ago
Alternatives and similar repositories for threat-hunting-labs
Users that are interested in threat-hunting-labs are comparing it to the repositories listed below.
- Passive service locator, a python sniffer that identifies servers, clients, names and much more ☆260 · Feb 9, 2026 · Updated last month
- Reference sheet for Threat Hunting Professional Course ☆26 · Mar 10, 2019 · Updated 7 years ago
- Learn about a network from a pcap file or reading from an interface ☆29 · Apr 6, 2024 · Updated last year
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆2,515 · Jan 12, 2026 · Updated 2 months ago
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana ☆301 · Mar 19, 2026 · Updated last week
- An Installation Script for Bro IDS on Debian Based Systems ☆20 · Jun 25, 2020 · Updated 5 years ago
- Tools for simulating threats ☆203 · Oct 27, 2023 · Updated 2 years ago
- ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills. ☆135 · Jul 25, 2019 · Updated 6 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017) ☆65 · Oct 31, 2017 · Updated 8 years ago
- Slides and Other Resources from my latest Talks and Presentations ☆24 · Sep 17, 2025 · Updated 6 months ago
- Information about the open-source-dfir slack community ☆30 · Jun 17, 2023 · Updated 2 years ago
- (no description) ☆58 · Mar 4, 2022 · Updated 4 years ago
- Simple script to generate commands to achieve reverse shells. ☆12 · Aug 12, 2019 · Updated 6 years ago
- Zeek Log Cheatsheets ☆304 · Aug 12, 2025 · Updated 7 months ago
- This repo is where I store my Threat Hunting ideas/content ☆89 · Mar 20, 2026 · Updated last week
- A CALDERA plugin for autonomous incident response ☆27 · Mar 18, 2026 · Updated last week
- (no description) ☆30 · Nov 15, 2018 · Updated 7 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga… ☆15 · May 18, 2019 · Updated 6 years ago
- (no description) ☆14 · Aug 16, 2021 · Updated 4 years ago
- (no description) ☆12 · Jan 5, 2021 · Updated 5 years ago
- A curated list of tools for incident response ☆21 · Sep 24, 2019 · Updated 6 years ago
- Creating an ATT&CK Navigator layer with the detection coverage of the signals available within Tanium Threat Response. ☆11 · Jun 2, 2021 · Updated 4 years ago
- (no description) ☆11 · May 30, 2021 · Updated 4 years ago
- Powershell - web traffic whitenoise generator ☆47 · Jun 4, 2020 · Updated 5 years ago
- (no description) ☆2,392 · Oct 14, 2023 · Updated 2 years ago
- (no description) ☆77 · Jun 25, 2019 · Updated 6 years ago
- Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers. ☆16 · Jan 28, 2020 · Updated 6 years ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S… ☆16 · Jun 15, 2021 · Updated 4 years ago
- Volatility plugin to search for all Autostart Extensibility Points (AESPs) ☆10 · May 16, 2024 · Updated last year
- Zeek package for tracking long connections to report them before they have completed. ☆31 · Nov 25, 2025 · Updated 4 months ago
- A central place for me to share interesting PSRemoting configurations ☆16 · Jun 28, 2017 · Updated 8 years ago
- All my slides for any talks ☆23 · Oct 13, 2024 · Updated last year
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries ☆460 · Feb 4, 2022 · Updated 4 years ago
- (no description) ☆39 · Dec 10, 2020 · Updated 5 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting. Can al… ☆15 · Aug 15, 2022 · Updated 3 years ago
- This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/Enterprise… ☆94 · Apr 22, 2020 · Updated 5 years ago
- Utility for parsing Bro log files into CSV or JSON format ☆41 · Jan 12, 2023 · Updated 3 years ago
- Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol ☆25 · May 30, 2024 · Updated last year
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the… ☆62 · Nov 26, 2025 · Updated 4 months ago