darkoperator / ThreatHunter-PlaybookLinks
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sysmon logs.
☆12Updated 8 years ago
Alternatives and similar repositories for ThreatHunter-Playbook
Users that are interested in ThreatHunter-Playbook are comparing it to the libraries listed below
Sorting:
- A few transforms and a machine for parsing Nmap XML results☆38Updated 9 years ago
- PowerShell Memory Pulling script☆19Updated 10 years ago
- Maltego integration of https://haveibeenpwned.com☆61Updated 4 months ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆56Updated 7 years ago
- A simple tool to detect NBT-NS and LLMNR spoofing (and messing with them a bit)☆36Updated 6 years ago
- ☆30Updated 6 years ago
- ☆18Updated last year
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Updated 7 years ago
- Python-based CLI Password Analyser (Reporting Tool)☆33Updated 3 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 6 years ago
- NetRipper - Smart traffic sniffing for penetration testers☆17Updated 9 years ago
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.☆10Updated 4 years ago
- A script for generating custom passphrase lists to be used for password cracking with hashcat rules☆80Updated 7 years ago
- A single repository for any security tools, scripts, documentation, etc. that I add☆12Updated 8 years ago
- Web Filter External Enumeration Tool (WebFEET)☆77Updated 10 years ago
- Passive recon / OSINT automation script☆39Updated 6 years ago
- Modular tool to test exfiltration techniques.☆37Updated 8 years ago
- tools for analyzing strings from password lists☆59Updated 2 years ago
- A python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.☆66Updated 6 years ago
- ☆16Updated 2 months ago
- Bluewall is a firewall framework designed for offensive and defensive cyber professionals.☆106Updated 6 years ago
- PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and ser…☆54Updated 8 months ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.☆32Updated 2 years ago
- Veil 3.1.X (Check version info in Veil at runtime)☆15Updated 5 years ago
- Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir…☆21Updated 8 years ago
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆23Updated last year
- A collection of scripts that I've written while pentesting.☆31Updated 7 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…☆55Updated 7 years ago
- A bunch of scripts I use to work with urlscan.io☆34Updated 5 years ago