Alternatives and similar repositories for ThreatHunter-Playbook:

Users that are interested in ThreatHunter-Playbook are comparing it to the libraries listed below

• sans-blue-team / sec455-wiki
  ☆29Updated 6 years ago
• trustedsec / RisingSun
  RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.
  ☆10Updated 4 years ago
• laconicwolf / random-python
  Various Python scripts that have come in handy but aren't important enough to get their own repository
  ☆22Updated 4 years ago
• mdegrazia / OnionPeeler
  Python script to batch query the Tor Relays and Bridges
  ☆36Updated 5 years ago
• n3l5 / irMempull
  PowerShell Memory Pulling script
  ☆19Updated 9 years ago
• OneLogicalMyth / toolkit
  Collection of scripts and tools that I created to aid in my testing.
  ☆14Updated 2 years ago
• jaredhaight / scripts
  A collection of scripts that I've written while pentesting.
  ☆31Updated 6 years ago
• rshipp / ir-triage-toolkit
  Create an incident response triage toolkit for use with Windows or Linux.
  ☆17Updated 4 years ago
• bfuzzy / ThreatHunter-Playbook
  A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
  ☆14Updated 6 years ago
• HarmJ0y / NetRipper
  NetRipper - Smart traffic sniffing for penetration testers
  ☆17Updated 9 years ago
• inishantgrover / Shodmon
  The Shodan monitoring tools allows you to monitor shodan listed servers basis on the filter you provided
  ☆33Updated 3 years ago
• 0sm0s1z / Tiberium
  ☆21Updated last year
• Raikia / Get-ReconInfo
  A powershell script that prints a lot of IP and connection info to the screen
  ☆30Updated 8 years ago
• zkvL / secutils
  ☆18Updated last year
• joda32 / got-responded
  A simple tool to detect NBT-NS and LLMNR spoofing (and messing with them a bit)
  ☆36Updated 5 years ago
• JacobPimental / gunslinger
  Gunslinger is used to hunt for Magecart sites using URLScan's API
  ☆30Updated 2 years ago
• PivotAll / PivotAll
  Comprehensive Pivoting Framework
  ☆20Updated 8 years ago
• sasqwatch / rokkaku
  A fileless Windows keylogger that exfils via DNS.
  ☆32Updated 7 years ago
• Rurik / Java_IDX_Parser
  Parses Java Cache IDX files
  ☆39Updated 6 years ago
• redhuntlabs / Maltego-Scripts
  ☆34Updated 3 weeks ago
• killswitch-GUI / SecurityTools
  A single repository for any security tools, scripts, documentation, etc. that I add
  ☆12Updated 7 years ago
• phainlen / DNS-Hunting
  Use DNS to hunt for threats including DGAs
  ☆14Updated 9 years ago
• nccgroup / WebFEET
  Web Filter External Enumeration Tool (WebFEET)
  ☆75Updated 10 years ago
• porterhau5 / BloodHound
  Six Degrees of Domain Admin
  ☆15Updated 7 years ago
• clr2of8 / DeployREMnux
  DeployREMnux is a Python script that will deploy a cloud instance of the public REMnux distribution in the Amazon cloud (AWS).
  ☆16Updated 5 years ago
• mgeeky / LISET
  Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…
  ☆28Updated 8 years ago
• ZoomerTedJackson / Powershell-Domain-User-Enumeration
  ☆12Updated 8 years ago
• Beercow / ProcDOT-Plugins
  Plugins to add funtionality to ProcDOT. http://www.procdot.com
  ☆23Updated last year
• sans-blue-team / course_indices
  Indices for courses in SANS' Network Security Operations curriculum
  ☆15Updated 9 years ago
• EbryxLabs / __DFIR-scripts
  Quick & Dirty DFIR scripts developed by Ebryx DFIR team to keep handy during field assignment
  ☆14Updated 7 months ago