Alternatives and similar repositories for ThreatHunter-Playbook

Users that are interested in ThreatHunter-Playbook are comparing it to the libraries listed below

• LDO-CERT / FireEye2TH
  FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆16Updated 7 years ago
• bfuzzy / ThreatHunter-Playbook
  A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
  ☆14Updated 7 years ago
• dmb2168 / OAuthHunting
  ☆53Updated 7 years ago
• n3l5 / irMempull
  PowerShell Memory Pulling script
  ☆19Updated 10 years ago
• clr2of8 / DeployREMnux
  DeployREMnux is a Python script that will deploy a cloud instance of the public REMnux distribution in the Amazon cloud (AWS).
  ☆16Updated 5 years ago
• daguy666 / Transit
  MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.
  ☆20Updated 5 years ago
• gburkle / Stalker
  Threat Intel and Incident Reponse
  ☆10Updated 7 years ago
• paranoidninja / Threat-Hunting
  This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…
  ☆57Updated 7 years ago
• trustedsec / RisingSun
  RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.
  ☆10Updated 4 years ago
• mdegrazia / OnionPeeler
  Python script to batch query the Tor Relays and Bridges
  ☆36Updated 6 years ago
• Beercow / ProcDOT-Plugins
  Plugins to add funtionality to ProcDOT. http://www.procdot.com
  ☆25Updated 2 years ago
• carnal0wnage / malicious_file_maker
  malicious file maker/sender to create and send malicious attachments to test your email filter/alerting
  ☆70Updated 8 years ago
• jobroche / Pastepwnd
  Identify compromised domains or emails. A python based HIBP and HackedEmails wrapper
  ☆38Updated 7 years ago
• rshipp / ir-triage-toolkit
  Create an incident response triage toolkit for use with Windows or Linux.
  ☆18Updated 5 years ago
• sans-blue-team / sec455-wiki
  ☆30Updated 7 years ago
• gr4ym4ntx / attackintel
  A python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.
  ☆67Updated 7 years ago
• joda32 / got-responded
  A simple tool to detect NBT-NS and LLMNR spoofing (and messing with them a bit)
  ☆36Updated 6 years ago
• dutchcoders / lootbox
  Lootbox downloads open directories shared on Twitter.
  ☆34Updated 4 years ago
• Fallenour / Venator
  Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir…
  ☆21Updated 8 years ago
• grayfold3d / POSH-Triage
  Tools for parsing Forensic images
  ☆41Updated 7 years ago
• dafthack / PassphraseGen
  A script for generating custom passphrase lists to be used for password cracking with hashcat rules
  ☆81Updated 7 years ago
• ztgrace / recon_scripts
  ☆15Updated 9 years ago
• austin-taylor / bluewall
  Bluewall is a firewall framework designed for offensive and defensive cyber professionals.
  ☆106Updated 6 years ago
• trustedsec / HoneyBadger
  ☆81Updated 6 years ago
• clong / detect-responder
  ☆76Updated 7 years ago
• Rurik / Java_IDX_Parser
  Parses Java Cache IDX files
  ☆40Updated 7 years ago
• weslambert / securityonion-strelka
  ☆13Updated 6 years ago
• olafhartong / SA-Threat-Hunting
  Splunk app for Threat hunting
  ☆15Updated 7 years ago
• activeshadow / maltego-nmap
  A few transforms and a machine for parsing Nmap XML results
  ☆39Updated 9 years ago
• threatexpress / portplow
  PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and ser…
  ☆55Updated last year