Tools for simulating threats
☆203Oct 27, 2023Updated 2 years ago
Alternatives and similar repositories for threat-tools
Users that are interested in threat-tools are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆81Mar 19, 2026Updated 2 months ago
- Passive service locator, a python sniffer that identifies servers, clients, names and much more☆263Feb 9, 2026Updated 3 months ago
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆302Mar 19, 2026Updated 2 months ago
- Extracts fields from zeek logs, compatible with zeek-cut☆27Jul 10, 2024Updated last year
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,505Jan 12, 2026Updated 4 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Collection of walkthroughs on various threat hunting techniques☆77Aug 3, 2020Updated 5 years ago
- Run zeek with zeekctl in docker☆64May 7, 2026Updated 2 weeks ago
- Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.☆487Nov 21, 2024Updated last year
- ☆58Mar 4, 2022Updated 4 years ago
- ☆2,405Oct 14, 2023Updated 2 years ago
- These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.☆1,792Updated this week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆564May 6, 2026Updated 2 weeks ago
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab☆82May 25, 2020Updated 5 years ago
- ☆50Jan 30, 2026Updated 3 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆19Mar 26, 2026Updated last month
- ☆17May 28, 2022Updated 3 years ago
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.☆329May 1, 2025Updated last year
- A set of Zeek scripts to detect ATT&CK techniques.☆622Jun 26, 2024Updated last year
- Public rules and samples for various automations through LimaCharlie.io☆14Dec 16, 2021Updated 4 years ago
- An Ansible playbook for deploying the Suricata intrusion detection system and fetching Snort rules with Oinkmaster.☆17Oct 30, 2021Updated 4 years ago
- A simple Python script to do quick, targeted recon of a given domain.☆76Apr 17, 2025Updated last year
- Passive OS detection based on SYN packets without Transmitting any Data☆50Mar 29, 2023Updated 3 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,071Oct 5, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…☆847Feb 23, 2026Updated 3 months ago
- Windows Events Attack Samples☆2,560Jan 24, 2023Updated 3 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆90Feb 9, 2025Updated last year
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆340Dec 3, 2025Updated 5 months ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Apr 25, 2022Updated 4 years ago
- Detect Tactics, Techniques & Combat Threats☆2,292Apr 29, 2026Updated 3 weeks ago
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,495May 9, 2026Updated 2 weeks ago
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆203Dec 20, 2024Updated last year
- Automated Adversary Emulation Platform☆6,984Updated this week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Practical Windows Forensics Training☆763Feb 16, 2026Updated 3 months ago
- Digging Deeper....☆3,973Updated this week
- ☆31Dec 11, 2025Updated 5 months ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Jun 15, 2021Updated 4 years ago
- Repository of attack and defensive information for Business Email Compromise investigations☆276Apr 19, 2026Updated last month
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆209Nov 23, 2025Updated 6 months ago
- A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.☆750Jun 5, 2025Updated 11 months ago