Alternatives and similar repositories for Attribution-to-IP

Users that are interested in Attribution-to-IP are comparing it to the libraries listed below

• Yamato-Security / suzaku-rules

  View on GitHub
  ☆11Dec 9, 2025Updated 2 months ago
• MHaggis / ClickGrab

  View on GitHub
  Finding ClickFix and FakeCAPTCHA like it's 1999
  ☆121Updated this week
• invictus-ir / IOCs

  View on GitHub
  Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more
  ☆30Nov 26, 2025Updated 2 months ago
• antman1p / JXA_Proc_Tree

  View on GitHub
  A JXA script for enumerating running processes, printed out in a json, parent-child tree.
  ☆14Jan 28, 2022Updated 4 years ago
• BushidoUK / CTI-Analyst-Challenge

  View on GitHub
  An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.
  ☆202Jul 3, 2024Updated last year
• THORCollective / HEARTH

  View on GitHub
  A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …
  ☆300Feb 7, 2026Updated last week
• matthieugras / timeline-downloader

  View on GitHub
  ☆72Feb 4, 2026Updated last week
• intel471 / CU-GIR

  View on GitHub
  Cyber Underground General Intelligence Requirements
  ☆97Feb 2, 2024Updated 2 years ago
• Cyb3rWard0g / IntelRAGU

  View on GitHub
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆91Jan 29, 2024Updated 2 years ago
• ail-project / ail-training

  View on GitHub
  AIL project training materials
  ☆39Jul 17, 2025Updated 6 months ago
• curated-intel / Threat-Actor-Profile-Guide

  View on GitHub
  The Threat Actor Profile Guide for CTI Analysts
  ☆116Jul 15, 2023Updated 2 years ago
• Yamato-Security / suzaku

  View on GitHub
  Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
  ☆167Dec 7, 2025Updated 2 months ago
• korniko98 / pivot-atlas

  View on GitHub
  ☆102Dec 9, 2025Updated 2 months ago
• lasq88 / MalwareAnalysis

  View on GitHub
  Malware Analysis tools
  ☆26Sep 14, 2024Updated last year
• BushidoUK / Ransomware-Tool-Matrix

  View on GitHub
  A resource containing all the tools each ransomware gangs uses
  ☆1,327Dec 24, 2025Updated last month
• nyxgeek / cloudkicker

  View on GitHub
  self-hosted Azure OSINT tool
  ☆32Jun 24, 2025Updated 7 months ago
• SecurityAura / DE-TH-Aura

  View on GitHub
  Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…
  ☆277Dec 20, 2025Updated last month
• BushidoUK / Ransomware-Vulnerability-Matrix

  View on GitHub
  A collection of CVEs weaponized by ransomware operators
  ☆129Oct 13, 2025Updated 4 months ago
• MHaggis / PowerShell-Hunter

  View on GitHub
  PowerShell tools to help defenders hunt smarter, hunt harder.
  ☆457Oct 29, 2025Updated 3 months ago
• curated-intel / MOVEit-Transfer

  View on GitHub
  A repository for tracking events related to the MOVEit Transfer Cl0p Campaign
  ☆71Jul 19, 2023Updated 2 years ago
• wightsci / MessageTableReader

  View on GitHub
  Read Windows message table entries.
  ☆11Feb 5, 2023Updated 3 years ago
• sketchymoose / workslikeaJARM

  View on GitHub
  Method of finding interesting domains using keywords + JARMs
  ☆13Jan 30, 2023Updated 3 years ago
• bobby-tablez / TTP-Threat-Feeds

  View on GitHub
  Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨
  ☆64Updated this week
• AttacktheSOC / Azure-SecOps

  View on GitHub
  Collection of different Azure/Entra focused solutions (Deployable templates, Function Apps, etc)
  ☆78Updated this week
• tsale / EDR-Telemetry

  View on GitHub
  This project aims to compare and evaluate the telemetry of various EDR products.
  ☆1,924Jan 20, 2026Updated 3 weeks ago
• LuemmelSec / APEX

  View on GitHub
  Azure Post Exploitation Framework
  ☆244Oct 27, 2025Updated 3 months ago
• curated-intel / The-CTI-Research-Guide

  View on GitHub
  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
  ☆115Oct 29, 2024Updated last year
• montysecurity / C2-Tracker

  View on GitHub
  Live Feed of C2 servers, tools, and botnets
  ☆745Updated this week
• cudeso / proof-value-cti

  View on GitHub
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆53Oct 23, 2024Updated last year
• jp-gouin / multi-cluster-supply-chain

  View on GitHub
  ☆16Jul 17, 2024Updated last year
• CD-R0M / YARA

  View on GitHub
  Hundred Days of Yara Challenge
  ☆12Jun 21, 2022Updated 3 years ago
• LETHAL-FORENSICS / Microsoft-Analyzer-Suite

  View on GitHub
  A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
  ☆573Dec 6, 2025Updated 2 months ago
• Arcanum-Sec / msftrecon

  View on GitHub
  ☆759May 7, 2025Updated 9 months ago
• BushidoUK / Open-source-tools-for-CTI

  View on GitHub
  Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
  ☆768Updated this week
• microsoft / tim-data-investigate-platform

  View on GitHub
  TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…
  ☆23Aug 7, 2024Updated last year
• Yamato-Security / sigma-to-hayabusa-converter

  View on GitHub
  Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
  ☆16Oct 22, 2025Updated 3 months ago
• topher-lo / hunts

  View on GitHub
  🐻‍❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
  ☆14May 22, 2024Updated last year
• kozmer / silentpulse

  View on GitHub
  single-threaded event driven sleep obfuscation poc for linux
  ☆37Jun 14, 2025Updated 8 months ago
• synacktiv / GroupPolicyBackdoor

  View on GitHub
  Group Policy Objects manipulation and exploitation framework
  ☆289Dec 7, 2025Updated 2 months ago