Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨
☆69 Mar 27, 2026 Updated this week
Alternatives and similar repositories for TTP-Threat-Feeds
Users that are interested in TTP-Threat-Feeds are comparing it to the libraries listed below.
- Extract the Procedures (TTP) from CTI reports ☆17 Dec 13, 2025 Updated 3 months ago
- 🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT… ☆45 Jun 28, 2025 Updated 9 months ago
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP. ☆18 Jun 16, 2025 Updated 9 months ago
- ☆18 Feb 29, 2024 Updated 2 years ago
- An introduction to detection engineering ☆14 Jan 3, 2025 Updated last year
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in… ☆35 Oct 21, 2025 Updated 5 months ago
- YARA, SIGMA, SNORT Rules based on Malware Analysis ☆17 Apr 23, 2025 Updated 11 months ago
- This config file will automatically convert a temporary Windows Sandbox environment into a Flare VM for malware analysis. ☆11 Jan 3, 2025 Updated last year
- single-threaded event driven sleep obfuscation poc for linux ☆38 Jun 14, 2025 Updated 9 months ago
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal… ☆93 Jan 14, 2026 Updated 2 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation ☆92 Nov 3, 2025 Updated 4 months ago
- (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs. ☆132 Sep 4, 2025 Updated 6 months ago
- Windows Administrator level Implant. ☆50 Sep 28, 2024 Updated last year
- A quick command line utility that generates uses simple addition to obfuscate individual characters, then executes it ☆16 Jun 13, 2025 Updated 9 months ago
- Generate a fake "systeminfo.exe" binary in order to hide the presence of a VM ☆16 Jan 4, 2024 Updated 2 years ago
- Malware detonation platform Polygon integration ☆10 Aug 1, 2023 Updated 2 years ago
- A curated collection of DFIR skills and workflows for InfoSec practitioners. ☆261 Feb 8, 2026 Updated last month
- Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle. ☆79 Mar 17, 2026 Updated last week
- Advanced Threat Hunting: Ransomware Group ☆29 Jul 9, 2025 Updated 8 months ago
- Rules shared by the community from 100 Days of YARA 2025 ☆38 Jan 2, 2026 Updated 2 months ago
- ☆11 Oct 21, 2020 Updated 5 years ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo… ☆19 May 20, 2025 Updated 10 months ago
- Shellcode Loader using indirect syscalls ☆16 Jan 21, 2024 Updated 2 years ago
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis. ☆10 Sep 28, 2020 Updated 5 years ago
- ☆18 Mar 26, 2024 Updated 2 years ago
- A hex viewer for the sleuths! ☆20 Nov 7, 2025 Updated 4 months ago
- Laravel RCE Exploitation Toolkit ☆57 Nov 8, 2025 Updated 4 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats. ☆34 Aug 18, 2025 Updated 7 months ago
- Globally distributed honeypots and HoneyNets IOCs and file reversing ☆16 Apr 22, 2024 Updated last year
- Share Information about Microsoft Security Products ☆54 Updated this week
- ☆22 Dec 22, 2020 Updated 5 years ago
- ☆23 Jul 7, 2023 Updated 2 years ago
- mult-answer plugin for CTFd ☆15 Aug 22, 2019 Updated 6 years ago
- Modern PIC implant for Windows (64 & 32 bit) ☆106 Jul 23, 2025 Updated 8 months ago
- A synergized Visual Studio and Rust development environment ☆19 Jan 25, 2025 Updated last year
- IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon. ☆69 Dec 27, 2023 Updated 2 years ago
- NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them. ☆49 Nov 17, 2025 Updated 4 months ago
- Local SYSTEM auth trigger for relaying - X ☆154 Jul 23, 2025 Updated 8 months ago
- KQL Queries for Advanced Hunting / Log Analytics ☆13 Jan 29, 2026 Updated 2 months ago