Alternatives and similar repositories for ThreatHunter-Playbook

Users that are interested in ThreatHunter-Playbook are comparing it to the libraries listed below

• sans-blue-team / sec455-wiki
  ☆30Updated 6 years ago
• n3l5 / irMempull
  PowerShell Memory Pulling script
  ☆19Updated 10 years ago
• LDO-CERT / FireEye2TH
  FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆16Updated 7 years ago
• paranoidninja / Threat-Hunting
  This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…
  ☆56Updated 7 years ago
• joswr1ght / pcaphistogram
  Generate a histogram of TCP and UDP payload bytes from a pcap file
  ☆24Updated 3 years ago
• weslambert / securityonion-strelka
  ☆13Updated 6 years ago
• cmlh / Maltego-haveibeenpwned
  Maltego integration of https://haveibeenpwned.com
  ☆61Updated 7 months ago
• grayfold3d / POSH-Triage
  Tools for parsing Forensic images
  ☆41Updated 6 years ago
• bfuzzy / ThreatHunter-Playbook
  A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
  ☆14Updated 7 years ago
• Beercow / ProcDOT-Plugins
  Plugins to add funtionality to ProcDOT. http://www.procdot.com
  ☆24Updated 2 years ago
• activecm / bro-install
  An Installation Script for Bro IDS on Debian Based Systems
  ☆20Updated 5 years ago
• appsecco / docker-datasploit
  Docker container for datasploit framework
  ☆26Updated 8 years ago
• AlmCo / Panorama
  Fast incident overview
  ☆40Updated 8 years ago
• trustedsec / RisingSun
  RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.
  ☆10Updated 4 years ago
• daguy666 / Transit
  MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.
  ☆20Updated 5 years ago
• JacobPimental / gunslinger
  Gunslinger is used to hunt for Magecart sites using URLScan's API
  ☆31Updated 3 years ago
• dmb2168 / OAuthHunting
  ☆53Updated 7 years ago
• mdegrazia / OnionPeeler
  Python script to batch query the Tor Relays and Bridges
  ☆36Updated 6 years ago
• laconicwolf / random-python
  Various Python scripts that have come in handy but aren't important enough to get their own repository
  ☆22Updated 4 years ago
• jobroche / Pastepwnd
  Identify compromised domains or emails. A python based HIBP and HackedEmails wrapper
  ☆38Updated 7 years ago
• gr4ym4ntx / attackintel
  A python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.
  ☆66Updated 6 years ago
• kinomakino / Threat-Intelligence-Data
  Snort_rules detection bad actors.
  ☆28Updated last year
• rshipp / ir-triage-toolkit
  Create an incident response triage toolkit for use with Windows or Linux.
  ☆18Updated 5 years ago
• ajackal / ideal-alligator
  PowerShell script to retreive wifi ESSIDs and Passwords.
  ☆26Updated 8 years ago
• activeshadow / maltego-nmap
  A few transforms and a machine for parsing Nmap XML results
  ☆39Updated 9 years ago
• thirdeyeintelligence / Tools-mindmap
  mindmap created for tools can be used during analysis/investigation
  ☆27Updated 8 years ago
• mvelazc0 / PurpleSpray
  PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…
  ☆50Updated 6 years ago
• gburkle / Stalker
  Threat Intel and Incident Reponse
  ☆10Updated 7 years ago
• ktneely / Tr3Secure
  Batch scripts to capture volatile and log information from a target system
  ☆21Updated 11 years ago
• kevthehermit / yaraMail
  Yara Scanner For IMAP Feeds and saved Streams
  ☆28Updated 5 years ago