Tools for simulating threats
☆203Oct 27, 2023Updated 2 years ago
Alternatives and similar repositories for threat-tools
Users that are interested in threat-tools are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆81Mar 19, 2026Updated 2 months ago
- Passive service locator, a python sniffer that identifies servers, clients, names and much more☆263Feb 9, 2026Updated 4 months ago
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆301Mar 19, 2026Updated 2 months ago
- Extracts fields from zeek logs, compatible with zeek-cut☆27Jul 10, 2024Updated last year
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,506Jan 12, 2026Updated 5 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Collection of walkthroughs on various threat hunting techniques☆78Aug 3, 2020Updated 5 years ago
- Run zeek with zeekctl in docker☆64May 7, 2026Updated last month
- Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.☆488Nov 21, 2024Updated last year
- ��☆59Mar 4, 2022Updated 4 years ago
- ☆2,404Oct 14, 2023Updated 2 years ago
- These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.☆1,791Jun 4, 2026Updated last week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆573Jun 3, 2026Updated last week
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab☆82May 25, 2020Updated 6 years ago
- ☆50Jan 30, 2026Updated 4 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆20Mar 26, 2026Updated 2 months ago
- ☆17May 28, 2022Updated 4 years ago
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.☆330May 1, 2025Updated last year
- A set of Zeek scripts to detect ATT&CK techniques.☆622Jun 26, 2024Updated last year
- Public rules and samples for various automations through LimaCharlie.io☆14Dec 16, 2021Updated 4 years ago
- An Ansible playbook for deploying the Suricata intrusion detection system and fetching Snort rules with Oinkmaster.☆17Oct 30, 2021Updated 4 years ago
- A simple Python script to do quick, targeted recon of a given domain.☆78Apr 17, 2025Updated last year
- Passive OS detection based on SYN packets without Transmitting any Data☆50Mar 29, 2023Updated 3 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,069Oct 5, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…☆847Feb 23, 2026Updated 3 months ago
- Windows Events Attack Samples☆2,571Jan 24, 2023Updated 3 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆89Feb 9, 2025Updated last year
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆340Dec 3, 2025Updated 6 months ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Apr 25, 2022Updated 4 years ago
- Detect Tactics, Techniques & Combat Threats☆2,296Jun 2, 2026Updated last week
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,506May 9, 2026Updated last month
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆203Dec 20, 2024Updated last year
- Automated Adversary Emulation Platform☆7,031Jun 3, 2026Updated last week
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Practical Windows Forensics Training☆766Feb 16, 2026Updated 3 months ago
- My solutions in Python for Corelan's Exploit Writing Tutorials☆13Jun 2, 2016Updated 10 years ago
- Digging Deeper....☆4,011Updated this week
- ☆31Dec 11, 2025Updated 6 months ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Jun 15, 2021Updated 4 years ago
- Repository of attack and defensive information for Business Email Compromise investigations☆276Apr 19, 2026Updated last month
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆211Nov 23, 2025Updated 6 months ago