A MITRE ATT&CK Lookup Tool
☆46 · Apr 25, 2024 · Updated last year
Alternatives and similar repositories for attack-lookup
Users that are interested in attack-lookup are comparing it to the libraries listed below
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆37 · Jul 11, 2023 · Updated 2 years ago
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest… ☆18 · Feb 16, 2025 · Updated last year
- The Threat Actor Profile Guide for CTI Analysts ☆116 · Jul 15, 2023 · Updated 2 years ago
- Welcome to the NCC Group Threat Intelligence Alert repo, here you will find the alerts which we have raised to our customers regarding in… ☆25 · Feb 6, 2023 · Updated 3 years ago
- Windows Thingies... but in Rust ☆23 · Nov 12, 2022 · Updated 3 years ago
- Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma ☆21 · Nov 27, 2023 · Updated 2 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. ☆12 · Aug 26, 2024 · Updated last year
- urlscan.io API wrapper for Ruby ☆13 · Oct 16, 2023 · Updated 2 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix ☆74 · Jan 26, 2022 · Updated 4 years ago
- A collection of intelligence about Log4Shell and its exploitation activity. ☆184 · Mar 4, 2022 · Updated 4 years ago
- A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence ☆704 · Apr 21, 2025 · Updated 10 months ago
- MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi… ☆15 · Dec 24, 2023 · Updated 2 years ago
- Logbook for Digital Forensics and Incident Response ☆11 · Jan 21, 2022 · Updated 4 years ago
- A very fast network scanner of SSL server configurations ☆11 · Mar 28, 2016 · Updated 9 years ago
- ☆18 · Dec 6, 2022 · Updated 3 years ago
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data ☆13 · Jul 16, 2019 · Updated 6 years ago
- A collection of tools adversaries commonly use in an attack. ☆14 · Nov 23, 2024 · Updated last year
- OSSEM Detection Model ☆183 · Oct 11, 2022 · Updated 3 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆89 · Feb 9, 2025 · Updated last year
- ☆30 · Jan 13, 2026 · Updated last month
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec… ☆21 · Sep 6, 2022 · Updated 3 years ago
- Framework to reverse engineer binaries and evaluate similarities across a large collections of files. Uses sector hashing and data flow … ☆15 · May 23, 2023 · Updated 2 years ago
- A modern CLI for Tenable.io written in Go ☆14 · Nov 28, 2020 · Updated 5 years ago
- Cyber Underground General Intelligence Requirements ☆98 · Feb 2, 2024 · Updated 2 years ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc… ☆59 · Jun 24, 2025 · Updated 8 months ago
- Supporting resources and documentation for FLARE @ Google Summer of Code 2023 ☆16 · Feb 7, 2023 · Updated 3 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique ☆69 · Mar 17, 2024 · Updated last year
- python3 scripts to help with aws triage needs ☆15 · Feb 11, 2022 · Updated 4 years ago
- This repository contains the code and PCAPS used for the SANS webinar, "Hacking Proprietary Protocols" given on February 23, 2021. ☆34 · Apr 9, 2022 · Updated 3 years ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features… ☆41 · Oct 20, 2020 · Updated 5 years ago
- Bash Enumeration Script ☆18 · Oct 18, 2019 · Updated 6 years ago
- A small tool to easily mount APFS image on macOS for forensics. ☆16 · Jul 30, 2020 · Updated 5 years ago
- Validation tool for SANS Courseware files. Generates and validates against a checksum file. ☆22 · Feb 11, 2026 · Updated 3 weeks ago
- A python package that helps with analysis of MSI files ☆14 · Mar 28, 2021 · Updated 4 years ago
- A visualized overview of the Initial Access Broker (IAB) cybercrime landscape ☆117 · Oct 22, 2021 · Updated 4 years ago
- Python for Defenders Course Resources ☆20 · Aug 7, 2025 · Updated 6 months ago
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a… ☆229 · Jan 6, 2026 · Updated last month
- my goto docker image when playing ctfs with all the tools I need ☆21 · Updated this week
- Python web app for previewing data in a Chrome Profile Folder ☆23 · Jul 1, 2024 · Updated last year