Alternatives and similar repositories for threat-team

Users that are interested in threat-team are comparing it to the libraries listed below

• referefref / aiocrioc
  An LLM and OCR based Indicator of Compromise Extraction Tool
  ☆33Updated 6 months ago
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆59Updated 11 months ago
• threatcat-ch / malware-analysis-pipeline
  Lightweight Python-Based Malware Analysis Pipeline
  ☆34Updated 3 weeks ago
• eremit4 / Akamaru
  Sniffing out well-known threat groups
  ☆28Updated 9 months ago
• korniko98 / pivot-atlas
  ☆92Updated 2 weeks ago
• Neo23x0 / ThreatResearch-Reporting-Guide
  Offensive Research Guide to Help Defense Improve Detection
  ☆31Updated 2 years ago
• rapid7 / Rapid7-Labs
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆62Updated 2 weeks ago
• markkcc / crxaminer
  Examine Chrome extensions for security issues
  ☆83Updated 3 months ago
• adulau / HHHash
  HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.
  ☆77Updated last year
• ninoseki / shimon
  URL fingerprinting made easy
  ☆86Updated last year
• EC-DIGIT-CSIRC / openai-cti-summarizer
  Small web frontend for using openAI's GPT-3.5 and GPT-4's API
  ☆55Updated last month
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆76Updated 2 years ago
• bartblaze / FARA
  Repository that contains a set of purposefully erroneous Yara rules.
  ☆51Updated last year
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆52Updated 5 months ago
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆81Updated last week
• montysecurity / InfraSpyder
  Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.
  ☆27Updated 2 years ago
• DomainTools / DomainCAT
  Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
  ☆43Updated 3 years ago
• muchdogesec / obstracts
  Turn any blog into structured threat intelligence.
  ☆31Updated this week
• mitre / training
  A CALDERA plugin
  ☆26Updated 10 months ago
• blackberry / threat-research-and-intelligence
  BlackBerry Threat Research & Intelligence
  ☆98Updated last year
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆33Updated 4 months ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆137Updated last year
• EfstratiosLontzetidis / pythia
  Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn…
  ☆33Updated 9 months ago
• CyberSecurityUP / Adversary-Emulation-Guide
  ☆20Updated 2 years ago
• SentineLabs / macos-ttps-yara
  A ruleset to find potentially malicious code in macOS malware samples
  ☆40Updated last year
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Updated 2 years ago
• ThreatMon / ThreatMon-Daily-C2-Feeds
  IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.
  ☆64Updated last year
• curated-intel / The-CTI-Research-Guide
  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
  ☆91Updated 7 months ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆27Updated last year
• MalGamy / YARA_Rules
  ☆66Updated 2 years ago