Alternatives and similar repositories for tehsat:

Users that are interested in tehsat are comparing it to the libraries listed below

• NexusFuzzy / raccoon_config
  Scans a list of raccoon servers from Tria.ge and extracts the config
  ☆15Updated last year
• NextronSystems / TA-aurora
  Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …
  ☆13Updated 2 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆32Updated 2 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• k3idii / CobaltStrike-Tools
  Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...
  ☆27Updated last year
• fatihsirin / Tweettioc-Splunk-App
  Tweettioc Splunk App
  ☆20Updated 4 years ago
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• keydet89 / LNK
  Repository for LNK stuff
  ☆29Updated 2 years ago
• Insane-Forensics / drovorub-hunt
  A tool to assist with network-based hunting for GRU's Drovorub malware c2
  ☆25Updated 4 years ago
• conexioninversa / WOPR
  Globally distributed honeypots and HoneyNets IOCs and file reversing
  ☆16Updated 11 months ago
• Retrospected / kerbmon
  Continuous kerberoast monitor
  ☆44Updated last year
• Th1ru-M / Windows-Threat-Hunting
  Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
  ☆22Updated 3 months ago
• arieljt / VTCodeBlocks-Maltego
  Maltego transforms to pivot between PE files based on their VirusTotal codeblocks
  ☆18Updated 3 years ago
• lemmou / RansomNoteFiles
  ☆23Updated 11 months ago
• rvrsh3ll / CanaryServer
  Fake SMB and SAMR data
  ☆11Updated 5 years ago
• obscuritylabs / operator-up
  Helpful operator notes and techniques in actionable form
  ☆16Updated last year
• peasead / windows-sandbox-to-elastic
  Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.
  ☆48Updated last year
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 4 years ago
• WithSecureLabs / AMSIDetection
  AMSI detection PoC
  ☆31Updated 4 years ago
• yasser-alghamdi / winterfell-hunt
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆15Updated 4 years ago
• rabobank-cdc / dettect-editor
  DeTT&CT Editor
  ☆12Updated 3 months ago
• Manticore-Platform / public-threats
  Manticore's Public Threats Repository
  ☆10Updated 4 years ago
• aaronst / talks
  Presentation materials for talks I've given.
  ☆20Updated 5 years ago
• 2igosha / sunburst_dga
  ☆22Updated 4 years ago
• two06 / EvtMute
  Apply a filter to the events being reported by windows event logging
  ☆15Updated 4 years ago
• schrodyn / steezy
  Steezy - Ghetto Yara Generation
  ☆15Updated 2 years ago
• automate-tim / conference-materials
  Speaking materials from conferences I've given
  ☆9Updated 2 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated 2 years ago
• ThunderGunExpress / ThunderQuery
  ☆12Updated 5 years ago