A MITRE ATT&CK Lookup Tool
☆46 · Apr 25, 2024 · Updated last year
Alternatives and similar repositories for attack-lookup
Users that are interested in attack-lookup are comparing it to the libraries listed below.
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆37 · Jul 11, 2023 · Updated 2 years ago
- Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre… ☆15 · Jun 5, 2023 · Updated 2 years ago
- A collection of tools adversaries commonly use in an attack. ☆15 · Nov 23, 2024 · Updated last year
- Azure-Sentinel-BYOML ☆12 · Nov 8, 2019 · Updated 6 years ago
- The Threat Actor Profile Guide for CTI Analysts ☆117 · Jul 15, 2023 · Updated 2 years ago
- A collection of intelligence about Log4Shell and its exploitation activity. ☆184 · Mar 4, 2022 · Updated 4 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix ☆74 · Jan 26, 2022 · Updated 4 years ago
- Welcome to the NCC Group Threat Intelligence Alert repo, here you will find the alerts which we have raised to our customers regarding in… ☆25 · Feb 6, 2023 · Updated 3 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. ☆12 · Aug 26, 2024 · Updated last year
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data ☆13 · Jul 16, 2019 · Updated 6 years ago
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest… ☆18 · Feb 16, 2025 · Updated last year
- eSentire additions to the nmap network scanner ☆14 · Mar 29, 2016 · Updated 9 years ago
- A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence ☆710 · Apr 21, 2025 · Updated 11 months ago
- Collection of resources related to the Center for Threat-Informed Defense ☆77 · May 22, 2024 · Updated last year
- OSSEM Detection Model ☆184 · Oct 11, 2022 · Updated 3 years ago
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec… ☆21 · Sep 6, 2022 · Updated 3 years ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc… ☆59 · Jun 24, 2025 · Updated 9 months ago
- Training and testing pipeline for ransomware classification based on screenshots of the splash screens or ransom notes (https://arxiv.org… ☆11 · Jul 19, 2020 · Updated 5 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆89 · Feb 9, 2025 · Updated last year
- Cyber Underground General Intelligence Requirements ☆98 · Feb 2, 2024 · Updated 2 years ago
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files ☆21 · Aug 3, 2024 · Updated last year
- This repository contains the code and PCAPS used for the SANS webinar, "Hacking Proprietary Protocols" given on February 23, 2021. ☆34 · Apr 9, 2022 · Updated 3 years ago
- A few quick recipes for those that do not have much time during the day ☆22 · Oct 28, 2024 · Updated last year
- A small tool to easily mount APFS image on macOS for forensics. ☆16 · Jul 30, 2020 · Updated 5 years ago
- python3 scripts to help with aws triage needs ☆15 · Feb 11, 2022 · Updated 4 years ago
- This repo is where I store my Threat Hunting ideas/content ☆89 · Updated this week
- A simple script to read the contents of a zip/tar/folder and extract metadata ☆22 · Mar 18, 2026 · Updated last week
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db. ☆44 · Jul 18, 2022 · Updated 3 years ago
- Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way ☆19 · Jun 6, 2022 · Updated 3 years ago
- Logbook for Digital Forensics and Incident Response ☆11 · Jan 21, 2022 · Updated 4 years ago
- Python web app for previewing data in a Chrome Profile Folder ☆24 · Jul 1, 2024 · Updated last year
- MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi… ☆15 · Dec 24, 2023 · Updated 2 years ago
- Advanced web server fingerprinting ☆22 · Sep 27, 2017 · Updated 8 years ago
- Web app built to allow digital forensic professionals to search for the forensic tools that will parse artifacts from various apps. ☆18 · Apr 30, 2025 · Updated 10 months ago
- my goto docker image when playing ctfs with all the tools I need ☆21 · Mar 8, 2026 · Updated 2 weeks ago
- A very fast network scanner of SSL server configurations ☆11 · Mar 28, 2016 · Updated 9 years ago
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a… ☆229 · Jan 6, 2026 · Updated 2 months ago