Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨
☆69Apr 5, 2026Updated 2 weeks ago
Alternatives and similar repositories for TTP-Threat-Feeds
Users that are interested in TTP-Threat-Feeds are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Extract the Procedures (TTP) from CTI reports☆18Dec 13, 2025Updated 4 months ago
- 🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT…☆45Jun 28, 2025Updated 9 months ago
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.☆18Jun 16, 2025Updated 10 months ago
- ☆18Feb 29, 2024Updated 2 years ago
- An introduction to detection engineering☆14Jan 3, 2025Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- YARA, SIGMA, SNORT Rules based on Malware Analysis☆17Apr 23, 2025Updated 11 months ago
- single-threaded event driven sleep obfuscation poc for linux☆38Jun 14, 2025Updated 10 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆93Nov 3, 2025Updated 5 months ago
- (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.☆139Apr 6, 2026Updated last week
- Windows Administrator level Implant.☆50Sep 28, 2024Updated last year
- A curated collection of DFIR skills and workflows for InfoSec practitioners.☆278Apr 10, 2026Updated last week
- Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle.☆79Updated this week
- Advanced Threat Hunting: Ransomware Group☆28Jul 9, 2025Updated 9 months ago
- Rules shared by the community from 100 Days of YARA 2025☆38Jan 2, 2026Updated 3 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆12Oct 21, 2020Updated 5 years ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo…☆20May 20, 2025Updated 10 months ago
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis.☆10Sep 28, 2020Updated 5 years ago
- ☆18Mar 26, 2024Updated 2 years ago
- A hex viewer for the sleuths!☆20Nov 7, 2025Updated 5 months ago
- Laravel RCE Exploitation Toolkit☆57Nov 8, 2025Updated 5 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 8 months ago
- Sample programs to access the API☆107Dec 8, 2025Updated 4 months ago
- Globally distributed honeypots and HoneyNets IOCs and file reversing☆16Apr 22, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Modern PIC implant for Windows (64 & 32 bit)☆107Jul 23, 2025Updated 8 months ago
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.☆69Dec 27, 2023Updated 2 years ago
- NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them.☆49Nov 17, 2025Updated 5 months ago
- Local SYSTEM auth trigger for relaying - X☆154Jul 23, 2025Updated 8 months ago
- ☆79Jan 1, 2026Updated 3 months ago
- KQL Queries for Advanced Hunting / Log Analytics☆13Jan 29, 2026Updated 2 months ago
- Share Information about Microsoft Security Products☆64Updated this week
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆68Jan 5, 2026Updated 3 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Command and Control Framework using powershell implants☆36Jun 17, 2025Updated 10 months ago
- Utilities for obfuscating shellcode☆102Mar 24, 2026Updated 3 weeks ago
- CQL Hub is an open repository of detection and hunting queries for CrowdStrike NextGen SIEM and Falcon LogScale. All queries stored here …☆53Apr 2, 2026Updated 2 weeks ago
- Frontend for MalShare.com☆18Updated this week
- A Flask-like µFramework for Gopher☆20Jul 18, 2025Updated 9 months ago
- Rust Windows EDR (user-mode, no driver): ETW → Sysmon-style normalization → Sigma/Yara/IOC detection → ECS NDJSON alerts.☆101Mar 4, 2026Updated last month
- Remote DLL Injection with Timer-based Shellcode Execution☆192Jul 18, 2025Updated 9 months ago