A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.
☆35Jul 23, 2024Updated last year
Alternatives and similar repositories for Hunting-Lists
Users that are interested in Hunting-Lists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- GitHub landing page repo☆12May 14, 2026Updated last month
- ☆14Updated this week
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…☆783Jun 3, 2026Updated last month
- Cobalt Strike random C2 Profile generator☆18Apr 3, 2026Updated 3 months ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆70Dec 2, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Research into Undocumented Behavior of Azure AD Refresh Tokens☆13Oct 27, 2023Updated 2 years ago
- Client-side Encrypted Upload Server Python Script☆67Jul 10, 2025Updated 11 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆60Mar 2, 2025Updated last year
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …☆470Feb 18, 2026Updated 4 months ago
- Scripts useful in cracking the Vulnhub Lab named View2aKill: 1☆27Feb 1, 2020Updated 6 years ago
- really ?☆12Feb 29, 2024Updated 2 years ago
- ☆28Jan 8, 2025Updated last year
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated 2 years ago
- ☆21Apr 10, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆30Jan 13, 2026Updated 5 months ago
- A web scraper to create MISP events and reports☆19Jun 6, 2026Updated last month
- Browser Bookmark that will ask for keyword(s) and then color highlight these words on the webpage you visit☆12Nov 15, 2023Updated 2 years ago
- SNMP Bash Script to discover valid community strings, dump basic information, check for write permission and check for RCE.☆11Apr 27, 2024Updated 2 years ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆21Jul 1, 2023Updated 3 years ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Apr 27, 2024Updated 2 years ago
- Powershell collection designed to assist in Threat Hunting Windows systems.☆27Apr 13, 2018Updated 8 years ago
- Sniffing files generator☆62Feb 24, 2025Updated last year
- A Windows tool that converts LDIF files to BloodHound CE☆32Dec 20, 2025Updated 6 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Cheat sheets for threat hunting, detection and other stuff.☆34Oct 7, 2022Updated 3 years ago
- Azure OpenAI Playbook created for Microsoft Sentinel☆14May 2, 2024Updated 2 years ago
- Slides and videos from talks given at cons☆29Jun 22, 2026Updated 2 weeks ago
- Pentest report writing guide☆20Apr 15, 2026Updated 2 months ago
- This repository contains generated contextual data utilized by pyattck.☆19Mar 3, 2025Updated last year
- Custom mini tools during Red Teaming engagements☆24Jun 3, 2026Updated last month
- Repository for dirty scripts and PoCs☆20Feb 18, 2025Updated last year
- Parses Cobalt Strike malleable C2 profiles.☆61Jun 29, 2026Updated last week
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆17Mar 10, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Hooked create process injection for meterpreter☆23Jun 16, 2021Updated 5 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 4 years ago
- Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Cl…☆174May 16, 2024Updated 2 years ago
- Web based S1 query navigator for one-click threat hunting☆26Dec 18, 2020Updated 5 years ago
- A spreadsheet designed to automatically generate Key Performance Indicators (charts) for Cyber Security Services based on documented data…☆31Jul 19, 2024Updated last year
- Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.☆23Dec 13, 2018Updated 7 years ago
- ☆158Jun 23, 2026Updated 2 weeks ago